AMD processors dating back to 2006, reportedly numbering in the hundreds of millions of chips, suffer from a major security flaw that allows attackers to infiltrate a system virtually undetected. AMD Product Security has since released updates for several processor families to mitigate this issue, but not all of them will be covered. According to a statement given to Tom’s Hardware, AMD said, “There are some older products that are outside our software support window.” AMD has no plans to update its Ryzen 1000, 2000, and 3000 series processors or its Threadripper 1000 and 2000 models.
Nevertheless, most of AMD’s recent processors have already received mitigation options to deal with the issue. This includes all generations of AMD’s EPYC processors for the data center and the latest Threadripper and Ryzen processors. Its MI300A data center chips are also getting the patch. The company said there is “No performance impact expected” when asked about the consequences of the update. Thus, the company is likely still doing performance tests to fully assess patch impacts on overall system performance.
These are all the AMD chips that are expected to have, or already have, the security patch available:
| Data Center | Embedded | Desktop | HEDT | Workstation | Mobile |
|---|---|---|---|---|---|
| 1st Gen AMD EPYC (Naples) | AMD EPYC Embedded 3000 | AMD Ryzen 5000 Series (Vermeer/Cezanne) | AMD Ryzen Threadripper 3000 Series (Castle Peak) | AMD Ryzen Threadripper PRO (Castle Peak) | AMD Athlon 3000 Series with Radeon Graphics (Dali/Pollock) |
| 2nd Gen AMD EPYC (Rome) | AMD EPYC Embedded 7002 | AMD Ryzen 7000 Series (Raphael) X3D | AMD Ryzen Threadripper 7000 Series (Storm Peak) | AMD Ryzen Threadripper PRO 3000WX (Chagall) | AMD Ryzen 3000 Series with Radeon Graphics (Picasso) |
| 3rd Gen AMD EPYC (Milan/Milan-X) | AMD EPYC Embedded 7003 | AMD Ryzen 4000 Series with Radeon Graphics (Renoir) | | | AMD Ryzen 4000 Series with Radeon Graphics (Renoir) |
| 4th Gen AMD EPYC (Genoa/Genoa-X/Bergamo/Siena) | AMD EPYC Embedded 9003 | AMD Ryzen 8000 Series with Radeon Graphics (Phoenix) | | | AMD Ryzen 5000 Series with Radeon Graphics (Cezanne/Barcelo) |
| AMD Instinct MI300A | AMD Ryzen Embedded R1000 | | | | AMD Ryzen 6000 Series with Radeon Graphics (Rembrandt) |
| | AMD Ryzen Embedded R2000 | | | | AMD Ryzen 7020 Series with Radeon Graphics (Mendocino) |
| | AMD Ryzen Embedded 5000 | | | | AMD Ryzen 7030 Series with Radeon Graphics (Barcelo-R) |
| | AMD Ryzen Embedded 7000 | | | | AMD Ryzen 7035 Series with Radeon Graphics (Rembrandt-R) |
| | AMD Ryzen Embedded V1000 | | | | AMD Ryzen 7040 Series with Radeon Graphics (Phoenix) |
| | AMD Ryzen Embedded V2000 | | | | AMD Ryzen 7045 Series (Dragon Range) |
| | AMD Ryzen Embedded V3000 | | | | AMD Ryzen with Radeon Graphics (Hawk Point) |
These are all the chips that are flagged to receive an update so far, and they cover most of the recent processors. However, you’ll notice that several older processors, which are nonetheless popular with consumers, are not included in this list. These include the Ryzen 3000 and older processors and Threadripper 2000 and older chips. The latest Ryzen 9000 and Ryzen AI 300 series processors are also not included in the list, but these newly released models might have had this vulnerability already addressed from the factory. We’re following up for clarity.
Attackers need access to the system kernel to exploit the Sinkclose vulnerability, so the system would have to already be compromised. The hack itself is a sophisticated vector that is usually only used by state-sponsored hackers, so most casual users should take that into account.
Nevertheless, all Ryzen Embedded and EPYC Embedded systems will receive an update to patch the vulnerability. This is because most embedded machines are designed to run in the background 24/7 with little to no human intervention for several years, meaning they can be used as attack vectors if not updated properly.
But even if you don’t have state secrets stashed in your personal computer, we still recommend updating your chips if you receive an update from AMD. That way, you ensure that you’re protected and won’t lose your data, even if the Sinkclose vulnerability becomes more widely used.