Hundreds of millions of AMD CPUs are facing a new vulnerability called Sinkhole. The exploit, which was first reported by Wired, impacts processors dating back to 2006
https://www.wired.com/story/amd-chip-sinkclose-flaw/
Despite Sinkhole hitting some of AMD’s best processors, only the most recent batch of chips will receive a patch
AMD isn’t patching Ryzen 1000, 2000, or 3000 processors, nor is it patching Threadripper 1000 and 2000 CPUs, reports Tom’s Hardware.
DEF CON Official Talk | AMD Sinkclose: Universal Ring-2 Privilege Escalation | Las Vegas, NV
https://ioactive.com/event/def-con-talk-amd-sinkclose-universal-ring-2-privilege-escalation/
This operating mode allows close access to the hardware, and it’s where you’ll find firmware running for power management settings, for example
With such deep access, Wired reports that the malware can dig down so deep that it’s easier to discard an infected computer rather than repair it.
'You basically have to throw your computer away': Researchers explain AMD 'Sinkclose' vulnerability, but do you need to worry?
Disclaimer:
Its called "sinkclose" by researchers and some media & "sinkhole" by some media
AMD has released a list of all affected processors
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
Via its security page
@killingfloorman oops indeed
Make no mistake, Sinkhole is a major security flaw. However, it’s not an exploit the vast majority of users need to worry about.
Sinkhole, which was discovered by researchers at IOActive, allows attackers to run code in System Management Mode.