New AMD CPU Vulnerabilities disclosed, could impact PS5

AMD updated their CVE page for vulnerabilities impacting Ryzen CPUs a few weeks ago, as pointed out by Zecoxao. Two new vulnerabilities were added to the page in late March.
What are AMD Vulnerabilities and why does the PS5 Scene care?
Bugs in AMD Ryzen CPUs, its Secure Processor (SP), or System Management Unit (SMU) could lead to critical, difficult to patch vulnerabilities for the systems using these CPUs. This is interesting for the PS5 scene because the PS5 APU is a semi-custom processor by AMD, which is known to be based on the Zen 2 architecture. As such, vulnerabilities on AMD’s Ryzen series are likely to impact the PS5 as well.
A critical, exploitable bug on such a processor could help hardware hackers hijack the console at startup, and potentially dump critical information from the PS5 for future hacking. As demonstrated by the Nintendo Switch hack, hardware hacks can be very powerful, and extremely hard for console manufacturers to patch.
Which AMD vulnerabilities were added in 2023?
Two vulnerabilities were added to the list in the past few weeks, specifically:
CVE-2023-20558 (Severity: High)
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.
CVE-2023-20559 (Severity: High)
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.
From Wikipedia:
SMM [System Management Mode] is a special-purpose operating mode provided for handling system-wide functions like power management, system hardware control, or proprietary OEM designed code. It is intended for use only by system firmware (BIOS or UEFI), not by applications software or general-purpose systems software. The main benefit of SMM is that it offers a distinct and easily isolated processor environment that operates transparently to the operating system or executive and software applications.
High-severity bugs like these are “good” news for hackers who might be able to leverage them, possibly combining them with previously discovered vulnerabilities. Of course, for regular use, and in particular on your PC, if you use AMD CPUs, it is recommended that you keep your BIOS up to date, as some BIOS updates will include patches for these bugs. It is also possible that future PS5 firmware updates will include such patches.
Source: Via Zecoxao
If this means Jtag/RGH for PS5, I’m about it! It’d be nice to see hard modding making a comeback to PS consoles.
First!!!!!
Very interesting. Keep up the work hackers.
All games for PS5 will be free and easy to share. We will be back to Atari 8 bits.
Please report the latest news of Sony handheld device Q LITE production, and if it is possible to input vpk and more homebrews within.
Afaik it will be pc based architecture and probably focused on streaming it’ll have nothing to do with the vita we know it’s just gonna be a steam deck lol, and like it’s not even out yet it’s impossible to know how the homebrew scene will develop for this system
This is good news for a PS5 hack! SMM has more control over the system than the hypervisor.
I hope that sony will patch these krap in ps5 junk
Why
qemu-web-desktop.deb gets a nex addon
qemu-wd-machine-add.deb in perl html cgi
or even a qemu-wd-ps4-add.sh or .deb
so whats the fuzz about the next gen exploit …
im hoping for qemu-system-softmmmu-ps4 ….