AMD announced a new vulnerability in its CPU drivers that allowed to obtain passwords and modify memory pages without administrator access, which was patched in the latest versions of its PSP drivers and chipset drivers, to which AMD recommends updating.
The vulnerability was discovered by Kyriakos Economou, a security researcher and co-founder of research company ZeroPeril, who immediately contacted AMD and worked closely with the red company to fix the problem, and did not release his details until it was released. patched to ensure the safety of users.
This is what Economou declared about this new vulnerability:
During our tests we were able to filter out multiple gigabytes of uninitialized physical pages when reserving and continuously release blocks of 100 reservations until the system fails to return a buffer of contiguous physical pages.
The content on these physical pages ranged from kernel objects to arbitrary pool addresses that served to bypass mitigations for vulnerabilities such as KASLR, and they even had registry key mappings of Registry Machine SAM containing NTLM hashes of authentication credentials. that could be used in subsequent attacks.
For example, this technique can be used to steal credentials from a user with administrative privileges or used in the “pass-the-hash” style to gain access within a network.
As Economou reveals, this vulnerability allowed obtaining information of all kinds, which includes even the credentials of users with administrative privileges to then escalate privileges or hashes that allow access to networks, and even have the possibility of exceeding the mitigations of different vulnerabilities and later exploit them, so it would be very serious for an attacker to exploit this vulnerability in our system.
To address this issue, AMD recommends that users of affected platforms, which you can find below, update their PSP (Platform Security Processor) drivers to version 18.104.22.168 via Windows Update or update the chipset drivers. to version 3.08.17.735, which already include the PSP update that fixes this vulnerability. BIOS updates are not necessary in this case.
The platforms affected by this vulnerability are the following:
- AMD Ryzen Mobile with Radeon 2nd Gen Graphics
- AMD Ryzen Threadripper de 2da Gen
- AMD Ryzen Threadripper de 3ra Gen
- A-series CPU with 6th Generation Radeon Graphics
- A-Series Mobile 6th Generation
- FX APU with 6th Generation Radeon ™ R7 Graphics
- A-Series 7th Generation APUs
- A-Series Mobile 7th Generation
- 7th Generation Mobile E-Series
- APU A4 with Radeon Graphics
- APU A6 with Radeon R5 Graphics
- APU A8 with Radeon R6 Graphics
- A10 APU with Radeon R6 Graphics
- 3000 Mobile with Radeon Graphics
- Athlon 3000 Mobile with Radeon Graphics
- Athlon Mobile with Radeon Graphics
- Athlon X4
- Athlon 3000 Series Mobile with Radeon Graphics
- APU E1 with Radeon Graphics
- Ryzen 1000 Series
- Ryzen 2000 Desktop Series
- Ryzen 2000 Mobile Series
- Ryzen 3000 Desktop Series
- Ryzen 3000 Series Mobile with Radeon Graphics
- Ryzen 3000 Mobile Series
- Ryzen 4000 Series For Desktop with Radeon Graphics
- Ryzen 5000 Desktop Series
- Ryzen 5000 Desktop Series with Radeon Graphics
- AMD Ryzen 5000 Series Mobile with Radeon Graphics
- Ryzen Threadripper PRO
- Ryzen Threadripper