AMD Issues Updates for Silicon-Level 'SinkClose' Processor Flaw

AMD has issued firmware updates to address a nearly two-decades-old silicon-level vulnerability it its EPYC data center processors and its line of Ryzen processors for PCs and embedded systems.

The flaw affects a component in the processor for protecting System Management Mode (SMM), an execution mode so protected in the processor that it is even more privileged than kernel-level mode. Researchers from IOActive who discovered the privilege escalation vulnerability described it as an "unpatchable" issue that, if exploited, would allow an attacker to implant malware on a system that would be almost impervious to removal attempts.

Hundreds of millions of devices worldwide currently have AMD chips that contain the vulnerability.

The SinkClose Flaw

The "SinkClose" vulnerability, as IOActive researchers have dubbed it, is somewhat similar to "Memory Sinkhole," an SMM-bypass vulnerability in Intel Sandy Bridge and prior processors that security researcher Christopher Domas disclosed at a Black Hat presentation in 2015. Domas has also uncovered other hardware level vulnerabilities in Intel chips.

"The vulnerability is nearly impossible to fix in computers that aren't configured correctly — which is the case for most systems," IOActive said in a statement. "In properly configured systems, the vulnerability could lead to malware infections — known as bootkits — that are nearly impossible to detect."

AMD itself has described the vulnerability as an issue that gives attackers who already have ring0 — or kernel level — access to an affected system a way to potentially modify the SMM even if SMM Lock, a feature for preventing unauthorized SMM modifications, is turned on. "Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMM Lock is enabled, potentially leading to arbitrary code execution," the chip vendor said.

SMM is a mode on AMD chips for low-level system management functions. It only executes code from a segregated block of memory called system management random access memory, or SMRAM. AMD chips implement a memory controller called TSeg to protect access to SMRAM.

SMM Bypass Attack

However, IOActive researchers Enrique Nissim and Krzysztof Okupski found a way to overcome these protections and get SMM to essentially execute code of their choice from outside the SMRAM. They did this by leveraging a feature called TClose that AMD incorporated into its chips for backward compatibility with a legacy memory management feature. Dumas' SinkHole flaw involved a similar legacy feature in Intel chips.

Nissim and Okupski determined an attacker could use the SinkClose flaw to drop malware deep enough — and persistent enough — inside a system to make it invisible to the operating system, the hypervisor, and to all endpoint detection mechanisms. In a talk at the DEF CON hacker conference on Aug. 10, the researchers described the vulnerability as something a remote attacker would be able to exploit. However, an adversary would need an in-depth understanding of AMD chip architecture — something that only a nation-state-level would likely possess — to be able to exploit it.

AMD itself has contended by way of background context that an attacker with the level of access required to exploit the SinkClose vulnerability would already have the ability to read, modify, erase, and snoop on everything on the computer. In addition, someone with operating system kernel-level access can also disable security mechanisms and prevent a computer from booting.

"This is akin to having the knowledge to break into a safe deposit box at the bank," AMD noted in an email to Dark Reading. "In the real world, to get to the box, a burglar must first get past the alarms, the guards, the vault door and its own locks, clearly not an easy task."

An attacker with the skills and knowledge to execute an SMM bypass attack could install malware of the sort IOActive has warned about. But it wouldn't be the first time attackers have deployed such malware, AMD said by way of background, pointing to the Lojax firmware-level rootkit from 2018. "While this malware may be stealthy, it is not invisible or impossible to remediate."

"AMD has released mitigation options for its AMD EPYC datacenter products and AMD Ryzen PC products," the chipmaker said. "A full list of impacted products and mitigation options is available in our product security bulletin."