Any recommendations against Sinkclose on older CPUs?
from kenkenken@fedia.io to cybersecurity@sh.itjust.works on 14 Aug 2024 12:57
https://fedia.io/m/cybersecurity@sh.itjust.works/t/1080981
from kenkenken@fedia.io to cybersecurity@sh.itjust.works on 14 Aug 2024 12:57
https://fedia.io/m/cybersecurity@sh.itjust.works/t/1080981
As AMD has no intentions to release a patch for the Ryzen 3000 series and bellow, what users can do to protect themselves?
I can assume few things:
-
Do not run any untrusted software and closed source software in general.
-
Do not run untrusted OSes and distros. Also disable ability to boot from external devices.
-
Sandboxing (e.g. flatpaks) won’t give you any protection, as it does not protect against kernel exploits.
-
VMs can give defense if you need to run untrusted apps. Probably it is good to run networking apps in a VM also.
What else? What about web browsers? What you are going to do with affected devices if you have them?
threaded - newest
It requires kernel level access to abuse, so it will probably be mostly used in targeted attacks. General good technical hygiene should be good enough to prevent becoming a random victim.
Maybe someone will prove me wrong, but I think there is still not enough public information about the vulnerability and the possible mitigations to answer your questions thoroughly.