AMD Chipset Driver Vulnerability Gives Hackers Access to Sensitive Data

Chip maker AMD has patched a driver flaw that could allow attackers to obtain sensitive information from a targeted system. The vulnerability, tracked as CVE-2021-26333 and classified as moderate severity by AMD, affects the company’s Platform Security Processor (PSP) chipset driver, which is used by multiple graphics cards and processors. The vulnerability was discovered by Kyriakos Economou, co-founder of cybersecurity research and development firm ZeroPeril, in a technical report published by the company.

According to what AMD describes as an information disclosure problem, an attacker with low privileges on the target system can “send requests to the driver that lead to potential data leakage of uninitialized physical pages.”

Affected Products

2nd Gen AMD Ryzen Mobile Processors with Radeon Graphics

2nd Gen AMD Ryzen Threadripper Processors

3rd Gen AMD Ryzen? Threadripper™ processor

6th Gen AMD A-Series CPU with Radeon™ Graphics

6th Generation AMD A-Series Mobile Processors

6th Gen AMD FX APU with Radeon® R7 Graphics

7th Gen AMD A-Series APUs

7th Generation AMD A-Series Mobile Processors

7th Generation AMD E-Series Mobile Processors

AMD A4 Series APUs with Radeon Graphics

AMD A6 APU with Radeon R5 Graphics

AMD A8 APU with Radeon R6 Graphics

AMD A10 APU with Radeon R6 Graphics

AMD 3000 Series Mobile Processors with Radeon™ Graphics

AMD Athlon 3000 Series Mobile Processors with Radeon™ Graphics

AMD Athlon Mobile Processors with Radeon™ Graphics

AMD Athlon X4 Processor

AMD Athlon with Radeon™ graphics? 3000 Series Mobile Processors

AMD Athlon? X4 processor

AMD E1 Series APUs with Radeon Graphics

AMD Ryzen 1000 Series Processors

AMD Ryzen 2000 Series Desktop Processors

AMD Ryzen 2000 Series Mobile Processors

AMD Ryzen 3000 Series Desktop Processors

AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics

AMD Ryzen 3000 Series Mobile Processors

AMD Ryzen 4000 Series Desktop Processors with Radeon Graphics

AMD Ryzen 5000 Series Desktop Processors

AMD Ryzen 5000 Series Desktop Processors with Radeon Graphics

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics

AMD Ryzen? Threadripper® PRO processors

AMD Ryzen? Threadripper™ processor

AMD has advised users to update the PSP driver to version 5.17.0.0 or the chipset driver to version 3.08.17.735 via Windows Update. And thanks to the company that found the bug!

lighten

AMD recommends updating to AMD PSP driver 5.17.0.0 or to AMD chipset driver 3.08.17.735 via Windows Update.

Thanks

AMD thanks Kyriakos Economou of ZeroPeril Ltd for reporting this issue and participating in coordinating the vulnerability disclosure.

Kyriakos Economou, co-founder of cybersecurity research and development firm ZeroPeril, is credited with discovering the vulnerability. In a technical advisory report detailing the findings, the researchers noted that the attack is entirely possible due to information leaks and memory leak bugs.

He claimed that an attacker could exploit the vulnerability to obtain registry key mappings containing NTLM hashes of authentication credentials, or to obtain data that could potentially help bypass vulnerability mitigations such as Kernel Address Space Randomization (KASLR).

“For example,[NTLM 散列] Can be used to steal credentials of users with administrative privileges and/or for pass-the-hash attacks to gain further access inside the network,” the bulletin reads. ZeroPeril reports four mitigation recommendations.

Economou also noted that AMD’s list of affected products may not be complete. The vulnerability has been confirmed to affect Ryzen 2000 and 3000 series CPUs, and is not mentioned in the affected list in AMD’s bulletin.

The Links:   G170EG01-V1 MG200Q2YS1

Related Posts