Vulnerabilities in AMD and Intel processors

AMD has announced the elimination of 22 vulnerabilities in the first, second and third generations of AMD EPYC series server processors that allow the operation of the PSP (Platform Security Processor), SMU (System Management Unit) and SEV (Secure Encrypted Virtualization) technologies to be compromised. 22 issues were identified in 6, and sixteen in 2020. During internal security research, 16 vulnerabilities were identified by Google employees, 2021 by Oracle and 11 by Microsoft.

An updated set of AGESA (AMD Generic Encapsulated Software Architecture) firmware has been released to OEM equipment manufacturers, blocking the issues by means of a workaround. Companies such as HP, Dell, Supermicro and Lenovo have already released BIOS and UEFI firmware updates for their server systems.

4 vulnerabilities are classified as dangerous (details have not yet been disclosed):

  • CVE-2020-12954 - the ability to bypass the SPI ROM protection mechanisms by manipulating certain internal chipset settings. The vulnerability allows an attacker to make changes to SPI Flash in order to introduce malicious code or rootkits that are invisible to the system.
  • CVE-2020-12961 - a vulnerability in the PSP (AMD Security Processor), which is used to run a protected isolated environment inaccessible from the main OS, allows an attacker to reset any privileged processor register in the SMN (System Management Network) and bypass SPI ROM protection.
  • CVE-2021-26331 - an error in the SMU (System Management Unit) subsystem integrated into the processor, which is used to manage power consumption, voltage and temperature, allows an unprivileged user to execute code with elevated privileges.
  • CVE-2021-26335 - incorrect input validation in the loader code of the PSP processor makes it possible to use attacker-controlled values at the stage before the digital signature is checked and to achieve execution of the attacker's code in the PSP.

Separately noted is the elimination of a vulnerability (CVE-2021-26334) in the AMD μProf toolkit, which is supplied for Linux and FreeBSD among others and is used for performance and power-consumption analysis. The vulnerability allows access to MSR (Model-Specific Register) registers to be gained in order to execute one's own code at the zero protection ring level (ring-0). The vulnerability is fixed in amduprof-3.4-502 for Linux and AMDuProf-3.4.494 for Windows.

Meanwhile, Intel has published its quarterly reports on vulnerabilities in its products, among which the following issues stand out:

  • CVE-2021-0146 is a vulnerability in Intel Pentium, Celeron and Atom processors for mobile and desktop systems that allows a user with physical access to the equipment to achieve privilege escalation by activating debug modes.
  • CVE-2021-0157, CVE-2021-0158 are vulnerabilities in the BIOS reference code supplied to initialize Intel Xeon (E/W/Scalable), Core (7/10/11gen), Celeron (N) and Pentium Silver processors. The issues are caused by incorrect input validation or incorrect control flow in the BIOS firmware and allow privilege escalation when local access is available.

Source: opennet.ru
