bhouston 104 days ago [-]
tomku 104 days ago [-]
Doesn't make much sense to have the link to the original source flagged off the front page and people submitting news articles about it instead, could we get some mod action here?
bhouston 104 days ago [-]
This whole thing is fishy. No CVE, no disclosure timeline?
nimbius 104 days ago [-]
heres a link to the researchers site: https://amdflaws.com/

https://safefirmware.com/amdflaws_whitepaper.pdf

these all seem to report windows credential guard exploits to be possible, so hypervisor breaches. No word if this is effective in Linux?

a TPM bypass is also noted...albeit im not sure how many linux servers employ the TPS for anything meaningful. most versions are shunned for their inherent security concerns.