AMD will still fix the Sinkclose vulnerability in “outdated” Ryzen 3000

AMD has revised its decision regarding the Sinkclose vulnerability (CVE-2023-31315), previously discovered in its processors. The company intends to offer mitigation measures for systems with Ryzen 3000 “Matisse” series processors, although it had no previous plans to do so.

Image source: amd.com

The vulnerability, called Sinkclose, does not pose a serious threat to ordinary PC owners; to carry out an attack using it, a potential attacker requires access at the system kernel level. This means that hackers will have to use other exploits to get deep enough to exploit Sinkclose, meaning that the PC must already be compromised by this point. And it makes no sense for ordinary viruses to try to use this exploit in practice.

AMD has expanded its plans regarding the possible impact of Sinkclose on Ryzen 3000 processors – the company initially considered them too old to support their owners, but has now changed its mind. Perhaps because with the release of the Ryzen 3000 (Zen 2) series, AMD confirmed that it is a powerful competitive player in the processor market. AMD’s Ryzen 1000 and Ryzen 2000 series desktop chips (AM4) are not mentioned on the AMD Sinkclose website page. If the fact is that they are not susceptible to this vulnerability, then it turns out that all Ryzen AM4 chips will eventually receive protection from Sinkclose.