What microcode version is patched for sinkclose on our AMD systems?

half-fast

Have been busy and missed a lot of the information, but also found there isn't a ton of information on this either. At least from sources I had checked.

Has sinkclose been patched on Solus, and if so, how can we check?

Thanks in advance!

Harvey

Sinkclose is fixed via a UEFI update for your motherboard, it is not something the operating system addresses. It is unlikely most motherboards have an update available yet.

You should not worry too much because this exploit requires kernel level access. If the attacker has that you are already compromised.

Harvey

Some additional clarification:

Microcode updates are currently only listed as a mitigation option for the majority of AMDs EYPC line. EYPC fixes were apparently put in place back in May so they should already be in place on Solus.

Ryzen, Threadripper and EPYC Embedded only list AGESA versions (Comes as part of a UEFI update from your motherboard vendor) or a target date for a future fix: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html

I doubt we have many people on EYPC but if you are you can compare your microcode version with the one in the table above via: grep "microcode" /proc/cpuinfo for all other CPUs this information is not useful at the time of writing.

half-fast

Harvey Thank you, and sorry for the late reply. I must have been confused - I thought the microcode and Bios was needed. Thanks for your clarification!