AMD CPUs Affected by SinkClose Exploit Dating Back to 2006

Posted on 2024-08-12 Edited on 2025-06-24

Quick Report

AMD CPUs are now affected by a new exploit called SinkClose. AMD has disclosed the findings of researchers Enrique Nissim and Krzysztof Okupski from security firm IOActive with CVE-2023-31315

AMD claims the attacker can get Ring 0 to modify system configuration of SMM (System Management Mode) even if it is in a locked state allowing the attacker to bypass SMM protections. However the attack needs access to local system or malware dropped executables that the user grants full privileges which takes over full control of affected systems.

At the moment, AMD has released firmware updates to mitigate the issue except for Ryzen 3000 series Desktop processors and there are no plans to make the fix available. The issue affects all AMD CPUs client and datacenter lineup from Zen 1 to Zen 4 including 3D V-Cache based CPUs.

Source(s)

TPU Article
AMD Security Bulletin CVE-2023-31315