Discussion in 'Article Discussion' started by bit-tech, 21 Mar 2018.
In other words: About as exciting as the myriad of Windows exploits that get patched on a near continuous basis!
Not exactly earth shattering, is it! On the other hand, potential shorting of AMD stock 24 hours before this announcement is far more interesting and worthy of follow up (not that such behavior is ever punished - looking at you Intel CEO!).
I'll wait for more details on AMD about exactly how they're going to patch the hardware vuln in the ASMedia chipset. And on firmer ETAs for release: still waiting on those SPECTRE v1 & v2 microcode updates! (SPECTRE incidentally being a perfect method to perform the privilege escalation needed to use these exploits)
Well apparently AMD have reported the unusual trading activity in its stocks to the relevant authorities, it will probably end up going nowhere but at least they've reported it.
More like how will Asus/Gigabyte/MSI/... patch the firmware in ASMedia chips on AMD and Intel boards.
They won't [probably]...
I keep seeing this meme pop up: Intel boards use an Intel PCH, not an ASMedia chipset. The Promontory chipset CHIMERA attacks is not present on any board other than AM4 and TR4.
On an Intel board that uses an ASMedia USB host controller for USB 3.1 Gen 2 support (which is not even close to all, most do not use one at all, and may use the Alpine Ridge controller even if they do not expose Thunderbolt, like the Gigabyte Z170N-Gaming 5, Asrock Z270 Gaming-ITX/ac, etc), disabling that host controller just means a USB port or two on the rear is turned off (I've yet to see a board use more than two ports of an ASMedia host controller on Z170 or above). An AM4 or TR4 motherboard (other than A/X300 which is an 'un chipset') CANNOT disable the Promontory chipset, as you'd end up with a brick.
Nothing to do with memes or with Intel PCH.
You have to look further into the Intel mainboard past: while many recent Intel boards have done away with 3rd party USB (etc) controllers, they used to be much more common a couple of years ago (and since CPU performance has progressed so little since then, there are tons of affected boards still in the wild).
ASM1042, ASM1142, ASM1143 are vulnerable too. What does one of my older boards, an ASUS P8Z77-I DELUXE, have for USB 3? ASM1042.
Hell, CTS Labs themselves say so:
So there is an attack vector for many Intel boards too. In case of Sandy/Ivy boards to add USB 3.0, in case of Haswell and newer to add USB 3.1, or just to add more USB ports.
Unless I've misunderstood, though, the vulnerabilities are in both the ASMedia chips and the AMD PSP; AFAIK the PSP is meant to prevent flashing if the update isn't digitally signed and it's not.
And in both those cases they are used as peripheral devices. If you were to completely compromise one, you could... snoop on the external USB bus I guess? It only has access to its own PCIe lanes (it's not a bus like PCI-X) and the PCH on the other end of those links is not compromised.
However in the case of Promontory, the exploited controller is sitting on the same die as all the other parts of the chipset.
That's right: CHIMERA targets Promontory, the other 4 exploits target the SE within the Ryzen/Epyc CPU itself in different ways.