Welcome to WarBulletin - your new best friend in the world of gaming. We're all about bringing you the hottest updates and juicy insights from across the gaming universe. Are you into epic RPG adventures or fast-paced eSports? We've got you covered with the latest scoop on everything from next-level PC gaming rigs to the coolest game releases. But hey, we're more than just news! Ever wondered what goes on behind the scenes of your favorite games? We're talking exclusive interviews with the brains behind the games, fresh off-the-press photos and videos straight from gaming conventions, and, of course, breaking news that you just can't miss. We know you love gaming 24/7, and that's why we're here round the clock, updating you on all things gaming. Whether it's the lowdown on a new patch or the buzz about the next big gaming celeb, we're on it.

Contacts

  • Owner: SNOWLAND s.r.o.
  • Registration certificate 06691200
  • 16200, Na okraji 381/41, Veleslavín, 162 00 Praha 6
  • Czech Republic

AMD Discovers New Vulnerabilities Affecting Zen 1, 2, 3, 4 CPUs, BIOS Mitigations Released

AMD has disclosed new BIOS-side vulnerabilities across all of its Zen CPU generations, which has particularly impacted the SPI connection, compromising security.

AMD's Newly-Discovered Vulnerabilities Could Potentially Lead To High-Level Security Compromises, Affects All Generations of Zen CPUs But BIOS Fixes Released

The emergence of vulnerabilities across CPU architectures isn't surprising, but this time, AMD has apparently discovered something much bigger, impacting a more extensive consumer base, and the severity of it is listed as "high" this time as well. Moreover, the discovered vulnerabilities enter from your motherboard's BIOS as well; hence, the matter is indeed sensitive, and according to AMD, the consequences of the mentioned include the "trigger" of arbitrary codes and much more.

Related Story AMD Anti-Lag+ Is Coming Back, Latency Enhancement For RDNA 3 GPUs Through Driver Toggle

Moving into the specifics, AMD mentions that the vulnerability is broken down into four different compromises, and it relies on "messing up" with your SPI interface, which can lead to malicious activities such as denial of service, execution of arbitrary codes, and the bypass of your system's integrity. Team Red has described the vulnerabilities in multiple CVEs, and you can view their findings below to have an idea of how costly it can be:

CVE Severity CVE Description CVE-2023-20576 High Insufficient Verification of Data Authenticity in AGESA may allow an attacker to update SPI ROM data potentially resulting in denial of service or privilege escalation. CVE-2023-20577 High A heap overflow in SMM module may allow an attacker with access to a second vulnerability that enables writing to SPI flash, potentially resulting in arbitrary code execution. CVE-2023-20579 High Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability. CVE-2023-20587
Read more on wccftech.com
Prev Post
Dungeons and Dragons Co-Op Game Is Still in Pre-Production, Yet Starbreeze Says It’s on Track for 2026

Related News

Latest Posts
AMD “China-Specific” Instinct MI309 AI GPU Faces Approval Rejection From The US Government
  • By wccftech.com

AMD “China-Specific” Instinct MI309 AI GPU Faces Approval Rejection From The US Government

NVIDIA Halts The Use of CUDA On Other Platforms, Lists New Warning in the EULA
  • By wccftech.com

NVIDIA Halts The Use of CUDA On Other Platforms, Lists New Warning in the EULA

V-Color Unveils OC R-DIMM Octo-Kit DDR5 Memory For AMD WRX90: New RCD, PMIC Micro-Heatsink, Up To 7200 MT/s & 768 GB
  • By wccftech.com

V-Color Unveils OC R-DIMM Octo-Kit DDR5 Memory For AMD WRX90: New RCD, PMIC Micro-Heatsink, Up To 7200 MT/s & 768 GB

Jurassic World 4 Title Possibly Revealed By A New Rumor
  • By gamerant.com

Jurassic World 4 Title Possibly Revealed By A New Rumor

Microsoft DirectX DirectSR “Super Resolution” Technology To Debut At GDC, Working With AMD & NVIDIA
  • By wccftech.com

Microsoft DirectX DirectSR “Super Resolution” Technology To Debut At GDC, Working With AMD & NVIDIA

New Elder Scrolls V: Skyrim Mod Finally Makes NPCs Take Cover from Your Arrows and Spells
  • By wccftech.com

New Elder Scrolls V: Skyrim Mod Finally Makes NPCs Take Cover from Your Arrows and Spells