Gigabyte details BIOS roll-out plan to neutralize Sinkclose vulnerability — eligible AMD CPUs should be patched by end of the month
Gigabyte will complete the patched BIOS rollout by August 31.
Gigabyte has published an advisory stating that it will release new BIOS versions, built on the latest AGESA containing the 'Sinkclose' vulnerability patch, for many of its AMD motherboards in succession by the end of August. The flaw is exclusive to AMD and affects its entire line of processors released since 2006, so a wide range of CPUs must be updated with new firmware containing the required AGESA microcode.
Given the potential of this flaw and the release of the much-needed AGESA patches, it is the norm for other motherboard makers to release the patched BIOS quickly once the AGESA patch is out. It's safe to speculate since hackers did not exploit this for 18 years, it's unlikely users would need to be concerned until they receive the BIOS for their AMD motherboards. That said, end users must update their motherboard BIOS once it is released. Since many motherboard makers like Gigabyte include tools to flash the BIOS quickly, this will not be difficult for most.
Only three days ago, AMD decided to patch the Sinkclose vulnerability on its Ryzen 3000 series desktop processors, coming close to patching all the CPUs released since 2006. The company assured at an earlier date that no impact is expected once the new AGESA-included BIOS is installed on the respective motherboards. The following chipsets are the ones that will be patched, along with their BIOS AGESA versions:
Motherboard Models | BIOS AGESA version |
---|---|
AM5 600 series | AMD AGESA 1.2.0.1 for Ryzen 8000/ 7000-series Processors |
AM4 500/ 400/ 300 series | AMD AGESA 1.2.0.Cb for Ryzen 5000/ 5000G/ 4000G-series Processors; AMD AGESA 1.2.0.Cc for Ryzen 3000-series Processors |
sTRX4 TRX40 series | AMD AGESA 1.0.0.B for Ryzen Threadripper 3000-series Processors |
sTR5 TRX50 series | AMD AGESA 1.1.0.0f for Ryzen Threadripper PRO 7000/ Ryzen Threadripper 7000-series Processors |
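A fleet check against the table above, as an added example that is not code from Gigabyte, AMD or the article: it parses AGESA version strings and flags hosts still below the patched version for their platform. The version ordering (three decimal fields, then an uppercase hex field with an optional lowercase revision letter), the family key names and the inventory are assumptions made for illustration; only compare versions within the same platform row.

```python
import re

# Patched AGESA versions per socket and CPU family, copied from the table above.
PATCHED = {
    ("AM5", "Ryzen 8000/7000"): "1.2.0.1",
    ("AM4", "Ryzen 5000/5000G/4000G"): "1.2.0.Cb",
    ("AM4", "Ryzen 3000"): "1.2.0.Cc",
    ("sTRX4", "Threadripper 3000"): "1.0.0.B",
    ("sTR5", "Threadripper 7000"): "1.1.0.0f",
}

# Assumed scheme: three decimal fields, then an uppercase hex field with an
# optional lowercase revision letter ("Cb" = 0xC rev b, "0f" = 0x0 rev f).
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.([0-9A-F]+)([a-z]?)$")

def parse_agesa(text):
    """Return a sortable tuple for an AGESA version string, or raise ValueError."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised AGESA version: {text!r}")
    major, minor, patch, build, rev = m.groups()
    return (int(major), int(minor), int(patch), int(build, 16), rev)

def audit(hosts):
    """Map each host name to 'patched', 'needs update' or 'unknown'."""
    report = {}
    for name, socket, family, installed in hosts:
        required = PATCHED.get((socket, family))
        try:
            if required is None:
                raise ValueError("platform not in table")
            ok = parse_agesa(installed) >= parse_agesa(required)
            report[name] = "patched" if ok else "needs update"
        except ValueError:
            report[name] = "unknown"  # never report an unparsed version as patched
    return report

# Constructed inventory: host names are made up, version strings are samples.
INVENTORY = [
    ("edit-ws-01", "AM4", "Ryzen 5000/5000G/4000G", "1.2.0.B"),
    ("edit-ws-02", "AM4", "Ryzen 5000/5000G/4000G", "1.2.0.Cb"),
    ("render-01", "sTR5", "Threadripper 7000", "1.1.0.0c"),
    ("lab-03", "AM5", "Ryzen 8000/7000", "1.2.0.0a"),
    ("kiosk-07", "AM4", "Ryzen 3000", "V1.2.0.7 beta"),
]

if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts reported as "unknown" need a manual look at the vendor's BIOS release notes rather than being counted as safe.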
As a quick recap, the Sinkclose vulnerability allows an attacker to gain access to the AMD processor's System Management Mode, allowing them to exploit the system's kernel provided the system is already affected by another attack. Though this is difficult, the wide range of AMD processors sold since 2006 puts many users at potential risk.
Researchers have detected many such risks before, responsibly warning the public and informing the company with the necessary details. Some mitigations cause performance loss to a certain extent after the patch. Many security researchers have done this for all chipmakers over the years, which has helped countless users. Naturally, the solution would need to come from the chipmaker, who then ships it to a partnered motherboard maker.
Since they're not on the BIOS deployment plan, we've contacted AMD to clarify whether the latest Ryzen 9000 and Ryzen AI 300 processors were patched before their release. However, the chipmaker hasn't responded to our inquiry.
Roshan Ashraf Shaikh has been in the Indian PC hardware community since the early 2000s and has been building PCs, contributing to many Indian tech forums, & blogs. He operated Hardware BBQ for 11 years and wrote news for eTeknix & TweakTown before joining Tom's Hardware team. Besides tech, he is interested in fighting games, movies, anime, and mechanical watches.
Alvar "Miles" Udell The new BIOS should confirm the existence of a R5 5500X3D, since I find it difficult to believe AMD would require yet another BIOS release after this one to support it.
https://www.tomshardware.com/pc-components/cpus/amd-ryzen-5-5500x3d-listing-hints-at-most-affordable-3d-v-cache-cpu-yet-socket-am4-rides-again -
ThisIsMe “It's safe to speculate since hackers did not exploit this for 18 years, it's unlikely users would need to be concerned until they receive the BIOS for their AMD motherboards.”
To be realistic and honest, it’s never safe to speculate. That sounds pessimistic, but if you’re going to give advice in a news article then be sure it’s realistic considering there is no way of proving its correctness. That said, no one has said it has not been exploited in 18 years, so to say otherwise is beyond the realm of speculation.
The only known is that it hasn’t been publicly disclosed that it has been exploited. Also, by the time the patches roll out and the number of patched systems reaches a significant percentage, there could be plenty of time for many systems to be exploited.
Beyond that, the used AMD processor market is basically a minefield now. No way to know if you’re buying a CPU that isn’t patched, or worse, buying one that is already infected. Since there is no real way to fix it once it is infected and the only way to know if it is would be through external monitoring. Imagine state funded programs buying up CPUs and reselling them once they’ve been exploited. Rough times ahead. -
jp7189
> ThisIsMe said: “It's safe to speculate since hackers did not exploit this for 18 years, it's unlikely users would need to be concerned until they receive the BIOS for their AMD motherboards.”
> To be realistic and honest, it’s never safe to speculate. That sounds pessimistic, but if you’re going to give advice in a news article then be sure it’s realistic considering there is no way of proving its correctness. That said, no one has said it has not been exploited in 18 years, so to say otherwise is beyond the realm of speculation.
> The only known is that it hasn’t been publicly disclosed that it has been exploited. Also, by the time the patches roll out and the number of patched systems reaches a significant percentage, there could be plenty of time for many systems to be exploited.
> Beyond that, the used AMD processor market is basically a minefield now. No way to know if you’re buying a CPU that isn’t patched, or worse, buying one that is already infected. Since there is no real way to fix it once it is infected and the only way to know if it is would be through external monitoring. Imagine state funded programs buying up CPUs and reselling them once they’ve been exploited. Rough times ahead.

Completely agree with what you've said. Since it's so hard to detect, it's likewise hard to know if this has been exploited. -
Roland Of Gilead
> ThisIsMe said: there could be plenty of time for many systems to be exploited.

Well, yeah, there's time. But to exploit this, the system already has to be compromised, so that the attacker can use the exploit to gain access to the kernel, both of which are pretty hard to do. -
Giroro I updated from AGESA 1.2.0.3b (2021) to the recent security update for CVE-2024-36877 on my MSI/X570/5900X System. I thought this was for Sinkclose. Looking at it now, maybe that was added one version earlier.
Either way, the update gave me a massive memory leak in Premiere Pro, and I was never able to find stable memory OC settings - even at severely reduced speeds to a previously stable OC. The memory leak was still a problem even at stock settings. I think the system was no longer able to correctly free-up used memory, and Premiere just uses a lot of memory in a way to make that noticeable.
I rolled back to AGESA 1.2.0.B and things seem better, if anybody else is finding themselves with new stability issues, can't open certain Premiere files, or are running out of memory at weird times. -
Psiboy69 Gigabyte took 6 months to roll out the last big AMD security fix. AMD published the AGESA in December and Gigabyte have is the BIOS based on it in July. They really are pathetically slow given how important these updates are. They are making Asus support look good. 🤣 -
schwaggins
> Giroro said: I updated from AGESA 1.2.0.3b (2021) to the recent security update for CVE-2024-36877 on my MSI/X570/5900X System. I thought this was for Sinkclose. Looking at it now, maybe that was added one version earlier.
> Either way, the update gave me a massive memory leak in Premiere Pro, and I was never able to find stable memory OC settings - even at severely reduced speeds to a previously stable OC. The memory leak was still a problem even at stock settings. I think the system was no longer able to correctly free-up used memory, and Premiere just uses a lot of memory in a way to make that noticeable.
> I rolled back to AGESA 1.2.0.B and things seem better, if anybody else is finding themselves with new stability issues, can't open certain Premiere files, or are running out of memory at weird times.

Thanks for the warning, I'll wait until the next update. -
Giroro
> schwaggins said: Thanks for the warning I'll wait until the next update.

The Gigabyte update might be ok, since I don't know if it was an issue with that MSI specific patch. Just keep an eye on your memory stability if you do update.