To take advantage of the vulnerability, a hacker has to already possess access to a computer's kernel, the core of the operating system. AMD compares the Sinkhole technique to accessing a bank's safe-deposit boxes after bypassing alarms, guards, and vault doors.
Sophisticated state-sponsored hackers are likely to already possess techniques for exploiting kernel-level vulnerabilities exposed in Windows and Linux. Nissim mentioned that kernel exploits for these systems are available for attackers, with Sinkclose seen as the next step.
Nissim and Okupski's Sinkclose technique exploits an obscure feature of AMD chips called TClose, allowing tricking the SMM code into executing tampered data and redirecting the processor to run malicious code at a highly privileged level.
[
Collection
]
[
|
...
]