Uncategorized

a bit more on AMD PSP vuln

No CVE(s) from US-CERT/NIST/MITRE/NVD.
No AMD tracking id or public response from AMD.
No response from AMD support on the below question on their support forums.

AFAICT, AMD does not have a security advisories page, just occasional announcements on the main PR site. Intel does. Then again, AFAICT, neither does ARM.

Researcher clarifies original statement a bit:

http://seclists.org/fulldisclosure/2018/Jan/21

I would like to clarify that here “remote” means remote code execution on
the TPM component. To mount the attack, local host access is still required.
Sorry if it caused any confusion.

https://community.amd.com/thread/224328

https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/

http://www.amd.com/en/technologies/security

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s