Cybersecurity

23 readers

28 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

[email protected]

Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability." (fedia.io)

submitted 5 days ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability."

The vulnerability was leaked by #ASUS in their beta BIOS changelog:

https://web.archive.org/web/20250106151231/https://rog.asus.com/motherboards/rog-strix/rog-strix-x870-i-gaming-wifi/helpdesk_bios/

ASUS has since removed this entry from the changelog since it likely broke the embargo. Either way, this is not great as the new firmware is largely not yet available and likely won't be for a long while.

#infosec #cybersecurity

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 5 days ago (1 children)

@[email protected] hadn't seen that, but I had seen that "PeCoffLoader memory overflow issue for security" which sounded oddly suspicious

[–] [email protected] 2 points 5 days ago* (last edited 5 days ago)

@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn't seem to be going great here.

Update: The "PeCoffLoader memory overflow issue for security" likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796