1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News AMD confirms CTS-Labs vulns, promises fixes

Discussion in 'Article Discussion' started by bit-tech, 21 Mar 2018.

  1. bit-tech

    bit-tech Supreme Overlord Lover of bit-tech Administrator

    Joined:
    12 Mar 2001
    Posts:
    3,676
    Likes Received:
    138
    Read more
     
  2. Spraduke

    Spraduke Lurker

    Joined:
    23 Sep 2009
    Posts:
    1,151
    Likes Received:
    464
    In other words: About as exciting as the myriad of windows exploits that get patched on a near continuous basis!

    Not exactly earth shattering is it! On the other hand potential shorting of AMD stock 24 hours before this announcement is far me interesting and worthy of follow up (not that such behavior is ever punished - looking at you Intel CEO!).
     
  3. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    I'll wait for more details on AMD about exactly how they're going to patch the hardware vuln in the ASMedia chipset. And on firmer ETAs for release: still waiting on those SPECTRE v1 & v2 microcode updates! (SPECTRE incidentally being a perfect method to perform the privilege escalation needed to use these exploits)
     
  4. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    388
    Well apparently AMD have reported the unusual trading activity in its stocks to the relevant authorities, it will probably end up going nowhere but at least they've reported it.
     
  5. faugusztin

    faugusztin I *am* the guy with two left hands

    Joined:
    11 Aug 2008
    Posts:
    6,953
    Likes Received:
    270
    More like how will Asus/Gigabyte/MSI/... patch the firmware in ASMedia chips on AMD and Intel boards.
     
  6. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
    They won't [probably]...
     
  7. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    I keep seeing this meme pop up: Intel boards use an Intel PCH, not an ASMedia chipset. The Promontory chipset CHIMERA attacks is not present on any board other than AM4 and TR4.
    On an Intel board that uses an ASMedia USB host controller for USB 3.1 Gen 2 support (which is not even close to all, most do not use one at all, and may use the Alpine Ridge controller even if they do not expose Thunderbolt, like the Gigabyte Z170N-Gaming 5, Asrock Z270 Gaming-ITX/ac, etc), disabling that host controller just means a USB port or two on the rear is turned off (I've yet to see a board use more than two ports of an ASMedia host controller on Z170 or above). An AM4 or TR4 botherboard (other than A/X300 which is an 'un chipset') CANNOT disable the Promontory chipset, as you'd end up with a brick.
     
  8. Anfield

    Anfield Multimodder

    Joined:
    15 Jan 2010
    Posts:
    7,058
    Likes Received:
    969
    Nothing to do with memes or with Intel PCH.

    You have to look further into the Intel mainboard past, while many recent Intel boards have done away with 3rd party usb (etc) controllers they used to be much more common a couple years ago (and since cpu performance has progressed so little since then there are tons of affected boards still in the wild).
     
  9. faugusztin

    faugusztin I *am* the guy with two left hands

    Joined:
    11 Aug 2008
    Posts:
    6,953
    Likes Received:
    270
    ASM1042, ASM1142, ASM 1143 are vulnerable too. What one of my older boards, an ASUS P8Z77-I DELUXE has for USB 3 ? ASM1042.

    Hell, CTS Labs themselves say so :
    So there is an attack vector for many Intel boards too. In case of Sandy/Ivy boards to add USB 3.0, in case of Haswell and newer to add USB 3.1, or just to add more USB ports.
     
  10. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,648
    Likes Received:
    388
    Unless I've misunderstood though the vulnerabilities are in both the ASMedia chips and the AMD PSP, AFAIK the PSP is meant to prevent flashing if the update isn't digital signed and it's not.
     
  11. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    And in both those cases they are used as peripheral devices. If you were to completely compromise one, you could... snoop on the external USB bus I guess? It only has access to its own PCIe lanes (it;s not a bus like PCI-X) and the PCH on the other end of those links is not compromised.
    However in the case of Promontory, the exploited controller is sitting on the same die as all the other parts of the chipset.
    That's right: CHIMERA targets Promontory, the other 4 exploits target the SE within the RyZen/Epyc CPU itself in different ways.
     
Tags: Add Tags

Share This Page