CVE-2023-31315
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-31315
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-31315.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-31315
- Downstream
- Related
- Published
- 2024-08-12T13:38:10Z
- Modified
- 2025-08-09T20:01:26Z
- Summary
- [none]
- Details
-
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
- References
-
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
- https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Enrique%20Nissim%20Krzysztof%20Okupski%20-%20AMD%20Sinkclose%20Universal%20Ring-2%20Privilege%20Escalation.pdf
- https://news.ycombinator.com/item?id=41475975
- https://www.darkreading.com/remote-workforce/amd-issues-updates-for-silicon-level-sinkclose-flaw