ProHoster > Ibhulogi > iindaba ze-intanethi > Ukuba semngciphekweni kwii-AMD CPUs Vumela ukuPhunyezwa kweKhowudi kwinqanaba le-SMM

Ukuba semngciphekweni kwii-AMD CPUs Vumela ukuPhunyezwa kweKhowudi kwinqanaba le-SMM

I-AMD ibhengeze ukuba ibambe ubuthathaka obuthandathu kwi-AMD EPYC kunye ne-AMD Ryzen processors. Ubuthathaka obuthathu obuyingozi kakhulu (i-CVE-2023-31342, i-CVE-2023-31343, i-CVE-2023-31345) inokuvumela ukuphunyezwa kwekhowudi kwinqanaba le-SMM (iNdlela yoLawulo lweSistim), enokubaluleka okuphezulu kunemo ye-hypervisor kunye neringi yokukhusela i-zeroth. Ukunciphisa i-SMM kuvumela ukufikelela okungathintelwanga kuyo yonke imemori yenkqubo kwaye ingasetyenziselwa ukulawula inkqubo yokusebenza. Ubuthathaka bubangelwa kukunqongophala kwegalelo elililo lokuqinisekisa kwisiphathi seSMM, esivumela umhlaseli onethamsanqa ukuba abhale ngaphezulu imixholo ye-SMRAM. Iinkcukacha malunga nendlela yokuhlasela azikanikelwa.

Obunye ubuthathaka:

  • I-CVE-2023-31352 yimpazamo ye-firmware kwindlela ye-AMD SEV (Secure Encrypted Virtualization) esetyenziswa kwiinkqubo ze-virtualization zokukhusela oomatshini bokwenene ekuphazamisekeni yi-hypervisor okanye umphathi wenkqubo yomphathi. Ngokufana nobuthathaka obulungisiweyo ekuqaleni kukaFebruwari, le ngxaki ivumela umlawuli onokufikelela kwindawo yomphathi ukuba afunde imemori engaguqulelwanga, enokuthi iqulathe idatha yenkqubo yeendwendwe eyimfihlo.
  • I-CVE-2023-20582 - Ukukwazi ukudlula i-RMP (i-Reverse Map Table) ihlola xa usebenzisa i-SEV-SNP (i-Secure Nested Paging) ulwandiso, eyenzelwe umsebenzi okhuselekileyo kunye neetafile zephepha lememori enendlwane. Umhlaseli onamalungelo olawulo unokudala iimeko zesiphoso kwi-Page Table Entry (PTE) ukudlula imilinganiselo yokukhusela ingqibelelo yememori yoomatshini bokwenene.
  • I-CVE-2023-20581-Isiphene sokulawula ukufikelela kwe-IOMMU sinokuvumela umhlaseli onelungelo ukuba adlule ukujonga i-RMP kunye nememori yeendwendwe ezonakalise.

Ubuthathaka buchaphazela i-AMD EPYC yesizukulwana se-3 kunye nesesine, iiprosesa ze-AMD EPYC 4 kunye ne-7003 ezizinzisiweyo ze-CPU, i-AMD Ryzen Embekelwe i-R9004, i-R1000, i-2000, i-5000, i-V7000, kunye ne-V2000, i-AMD3000 3000, i-4000, i-AMD5000 7000, i-8000 3000 desktop processors, kunye AMD Athlon XNUMX series.

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster