Safety instructions for AMD Flaws
On 21.03.2018 AMD confirmed information regarding the security issues known as "AMD Flaws" with the names Masterkey, Ryzenfall, Fallout and Chimera.[1][2] The vulnerabilities were discovered by the security company CTS Labs and affect different systems. Patches are currently being prepared and will be distributed to PC and motherboard manufacturers in the next few weeks. These patches will be applied by BIOS updates.
Which systems are affected by the individual security issues is explained in detail in an article on heise.de.[3] According to AMD, admin rights are required to exploit the security issues. In contrast to Spectre and Meltdown, the patches distributed in the future should not lead to a loss in performance.
Affected systems from Thomas-Krenn
You will find the available and affected motherboards at Thomas-Krenn in the table below. As soon as BIOS updates are available, we update the table accordingly:
Motherboard | BIOS Version | Status BIOS Update | Download-Link |
---|---|---|---|
Asus PRIME B350M-A | n/a | under investigation | |
Supermicro H11DSi-NT | n/a | under investigation |
Further information
- Initial AMD Technical Assessment of CTS Labs Research (community.amd.com/community/amd-corporate/blog, 21.03.2018)
- “AMD Flaws” Technical Summary (blog.trailofbits.com, 15.03.2018)
References
- ↑ Initial AMD Technical Assessment of CTS Labs Research (community.amd.com, 21.03.2018)
- ↑ Ryzenfall, Fallout & Co: AMD bestätigt Sicherheitslücken in Ryzen- und Epyc-Prozessoren (heise.de, 21.03.2018)
- ↑ Sicherheitsforscher beschreiben 12 Lücken in AMD-Prozessoren (heise.de, 13.03.2018)
Changelog
Version 1.0, 21.03.2018: Initial version with first information and confirmation from AMD.
Author: Thomas Niedermeier Thomas Niedermeier working in the product management team at Thomas-Krenn, completed his bachelor's degree in business informatics at the Deggendorf University of Applied Sciences. Since 2013 Thomas is employed at Thomas-Krenn and takes care of OPNsense firewalls, the Thomas-Krenn-Wiki and firmware security updates.
|
Author: Werner Fischer Werner Fischer, working in the Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.
|