[threatpost] AMD Radeon Graphics Cards Open VMware Workstations to Attack - Overclock.net - An Overclocking Community

Forum Jump: 

[threatpost] AMD Radeon Graphics Cards Open VMware Workstations to Attack

Reply
 
Thread Tools
post #1 of 12 (permalink) Old 09-20-2019, 04:31 PM - Thread Starter
sudo apt install sl
 
WannaBeOCer's Avatar
 
Join Date: Dec 2009
Posts: 5,682
Rep: 178 (Unique: 123)
[threatpost] AMD Radeon Graphics Cards Open VMware Workstations to Attack

Source: https://threatpost.com/amd-radeon-ca...ations/148406/

Quote:
A remote code-execution bug exists in some configurations of the AMD Radeon graphics card that could allow an attacker to take control of a targeted system. The hack entails luring users of vulnerable systems to visit a specially crafted website that can deliver “a malformed pixel shader” to either a Radeon RX 550 or a Radeon 550 series graphics card.

The prerequisites for the attack limit the scope of those impacted. According to Cisco Talos, which found the bug in May, the vulnerability only exists on systems running VMware Workstation 15 with the 64-bit version of Windows 10 running as the as guest VM.

“This vulnerability can be triggered by supplying a malformed pixel shader (inside VMware guest OS) to the AMD ATIDXX64.DLL driver. Such an attack can be triggered from a VMware guest usermode to cause a memory corruption on vmware-vmx.exe process on host, or theoretically through WEBGL (remote website),” according to the Talos Vulnerability Bulletin, published Monday.
Talos Vulnerability Bulletin: https://www.talosintelligence.com/vu...ALOS-2019-0818

Silent
(20 items)
CPU
Core i9 9900K... CoffeeTime! @ 5.1Ghz w/ 1.36v
Motherboard
Maximus VIII Formula
GPU
Radeon VII @ 2100Mhz/1250Mhz w/ 1218mV
RAM
TeamGroup Xtreem 32GB 3200Mhz CL15
Hard Drive
HP EX950 2TB
Hard Drive
Samsung 850 Evo 1TB
Hard Drive
Samsung 850 Evo 1TB
Power Supply
EVGA SuperNova 1200w P2
Cooling
EK Supremacy Full Copper Clean
Cooling
XSPC D5 Photon v2
Cooling
Black Ice Gen 2 GTX360 x2
Cooling
EK-Vector Radeon VII - Copper + Plexi
Case
Thermaltake Core X5 Tempered Glass Edition
Operating System
Clear Linux
Monitor
Acer XF270HUA
Keyboard
Cherry MX Board 6.0
Mouse
Logitech G600
Mouse
Alugraphics GamerArt
Audio
Definitive Technology Incline
Audio
SMSL M8A
▲ hide details ▲
WannaBeOCer is online now  
Sponsored Links
Advertisement
 
post #2 of 12 (permalink) Old 09-20-2019, 05:03 PM
Tetrapyloctomist
 
Aenra's Avatar
 
Join Date: Feb 2017
Posts: 1,455
Rep: 22 (Unique: 20)
This isn't my thing, so with my ignorance on anything 'VM' stated..

I was under the impression that running a virtual OS was failproof safe, it being in fact one of its key advantages; has that changed, or was it never the case?
I get what i'm reading here, i just thought that it being Virtual and isolated, such an occurence was (supposed to be?) impossible.

Pride, honour and purity.
Aenra is offline  
post #3 of 12 (permalink) Old 09-20-2019, 07:12 PM
New to Overclock.net
 
Socks keep you warm's Avatar
 
Join Date: Feb 2011
Location: Melbourne, Australia
Posts: 3,106
Rep: 131 (Unique: 116)
Quote: Originally Posted by Aenra View Post
This isn't my thing, so with my ignorance on anything 'VM' stated..

I was under the impression that running a virtual OS was failproof safe, it being in fact one of its key advantages; has that changed, or was it never the case?
I get what i'm reading here, i just thought that it being Virtual and isolated, such an occurence was (supposed to be?) impossible.
Programs running through a computer though, there will always be a way to break through.

I like to have fun.
https://hwbot.org/user/sockskeepyouwarm/
https://www.trueachievements.com/gamer/II+TH3PRO+II
16 Threads is Good
(10 items)
CPU
Intel Core I9 9900K 4.8Ghz
Motherboard
Gigabyte Aorus Elite
GPU
Aorus 2080Ti Xtreme Waterforce WB 11GB
RAM
Trident Z
Hard Drive
Samsung 250 SSD
Power Supply
Cooler Master Silent Pro Hybrid
Cooling
Watercooling Custom
Case
900D
Operating System
Windows 10 x64
Monitor
28" ACER 4K Monitor
▲ hide details ▲


Socks keep you warm is offline  
Sponsored Links
Advertisement
 
post #4 of 12 (permalink) Old 09-20-2019, 09:19 PM
New to Overclock.net
 
deepor's Avatar
 
Join Date: Feb 2013
Posts: 4,748
Rep: 474 (Unique: 320)
Quote: Originally Posted by Aenra View Post
This isn't my thing, so with my ignorance on anything 'VM' stated..

I was under the impression that running a virtual OS was failproof safe, it being in fact one of its key advantages; has that changed, or was it never the case?
I get what i'm reading here, i just thought that it being Virtual and isolated, such an occurence was (supposed to be?) impossible.

The way I understand this is, this was about the hardware accelerated graphics that you have available with VMWare for your guest. You have a Windows driver from VMWare that you are installing on the Windows that's running inside your VM. That driver then messages the VMWare software that's living on your real host machine. The VMWare software on your host is then doing graphics rendering on the real graphics card of your machine.

This was then somehow made to generate a shader for your real graphics card that did those bad memory accesses. Because this is your actual, real graphics card, the shader can do things to the memory that's supposed to be inaccessible to the VM.
deepor is offline  
post #5 of 12 (permalink) Old 09-20-2019, 09:54 PM
New to Overclock.net
 
matthew87's Avatar
 
Join Date: May 2010
Posts: 199
Rep: 4 (Unique: 4)
Absolute non issue given the day the CVE was announced AMD had already released a driver update to prevent the exploit.

Mundane and hardly news worthy in the scheme of CVEs or complexity for organisations to mitigate or patch against. Exploit existed, AMD patched, enterprises simply need to update drivers on effected devices to resolve.

Effected devices should be pretty small in scope for even the largest enterprises, how many have clients running VMWare Workstation Pro 15 + that specific series of AMD discrete GPUs that were vulnerable in the first place.

Now specter and melt down, they were fun patching and cost many businesses considerable money and productivity. This was effectively 'update drivers yo'.
matthew87 is offline  
post #6 of 12 (permalink) Old 09-20-2019, 10:36 PM
 
The Robot's Avatar
 
Join Date: Mar 2013
Posts: 2,327
Rep: 130 (Unique: 82)
Typical Intel's dog wagging.

Main
(17 items)
Nintendo DS
(8 items)
CPU
6700K
Motherboard
Gigabyte Z170X-Gaming 3
GPU
MSI GTX 1080 Gaming X
RAM
G.Skill Ripjaws V 16GB 3000
Hard Drive
Samsung 850 Evo 500GB
Hard Drive
WD Blue 3TB
Power Supply
EVGA 650 G2
Cooling
Noctua NH-D15S
Cooling
Nanoxia Deep Silence 140mm
Cooling
Nanoxia Deep Silence 120mm
Case
Corsair 400Q
Operating System
Windows 10 Enterprise
Monitor
ViewSonic XG2703-GS 1440p
Keyboard
Leopold FC750 (MX Brown)
Mouse
Logitech Performance Mouse MX
Audio
Mayflower Objective2 + ODAC Rev. B Combo
Audio
Audio-Technica ATH-A990Z
CPU
ARM946E-S 67.028 MHz
CPU
ARM7TDMI 33.514 MHz
RAM
4 MB
Hard Drive
256 kB
Power Supply
850 mAh
Operating System
DS OS
Monitor
3" 256×192 18-bit
Monitor
3" 256×192 18-bit
▲ hide details ▲
The Robot is offline  
post #7 of 12 (permalink) Old 09-21-2019, 12:09 AM
Top kek
 
Join Date: Oct 2013
Location: Bulgaria , Sofia
Posts: 3,457
Rep: 116 (Unique: 69)
How about you post, that it actually got fixed?

Quote:
Timeline

2019-05-08 - Vendor Disclosure
2019-05-16 - Plain text file sent to AMD Security
2019-06-07 - Reissued files to AMD PSIRT vendor
2019-07-18 - Conference call with vendor to discuss report
2019-08-13 - Conference call with vendor to discuss mitigation; Disclosure extended to 2019-09-16
2019-09-16 - Vendor patched; Public Release

Previous Hardware:
Spoiler!
Main rig
(16 items)
Parents (2nd) PC
(13 items)
CPU
AMD R7 1700
Motherboard
ASRock X570 Fatal1ty Gaming K4
GPU
Sapphire RX480 4GB Nitro+
RAM
Corsair Vengeance LPX 2x8GB 3200Mhz
Hard Drive
Corsair ForceLS SSD
Hard Drive
250GB Maxtor SATA 7200RPM 8MB
Hard Drive
250GB Seagate Baracuda SATA 7200RPM 8MB
Hard Drive
500GB WesternDigital Blue 7200RPM 16MB
Power Supply
Corsair TX850M
Cooling
Cooler Master 212 EVO
Case
Thermaltake View 27
Operating System
Windows 10 x64 1607
Monitor
AOC i2267FWH 21.5" 1080p IPS
Keyboard
Logitech K120
Mouse
A4 Tech Bloody v5
Audio
Corsair HS30 Raptor
CPU
AMD FX-8320
Motherboard
ASRock Fatal1ty 990FX Killer
GPU
XFX RX470 4GB SingleFan
RAM
Mushkin Redline 996996 2x4GB 2133Mhz
Hard Drive
Western Digital Green 500GB 7200RPM 8MB
Hard Drive
120GB Kingston SSD
Optical Drive
ASUS DVD+RW x52
Power Supply
Corsair VS650
Cooling
ThermalTake Frio Silent 14
Case
DeepCool Tesseract
Operating System
Windows 10 Enterprise 1607
Monitor
ASUS VS228H 21.5"
Keyboard
Logitech K120
▲ hide details ▲
ku4eto is offline  
post #8 of 12 (permalink) Old 09-21-2019, 12:13 AM
[LV]ErroR_404
 
mkclan's Avatar
 
Join Date: Nov 2011
Location: Latvia
Posts: 534
Rep: 13 (Unique: 12)
Quote: Originally Posted by ku4eto View Post
How about you post, that it actually got fixed?
Fixed =/= interesting. Someone need SENSATION


mkclan is online now  
post #9 of 12 (permalink) Old 09-21-2019, 02:03 AM
New to Overclock.net
 
Imouto's Avatar
 
Join Date: Mar 2012
Posts: 2,021
Rep: 226 (Unique: 108)
Quote: Originally Posted by ku4eto View Post
How about you post, that it actually got fixed?

#EnthusiastLivesMatter
Imouto is offline  
post #10 of 12 (permalink) Old 09-21-2019, 03:31 AM
OG AMD
 
Redwoodz's Avatar
 
Join Date: Jan 2010
Location: Silicon Valley
Posts: 8,376
Rep: 585 (Unique: 459)
RX 550? LOL!!!

https://valid.x86.fr/cache/banner/4d8m5e-6.png
AMD Athlon II 450 @4.74GHz http://valid.canardpc.com/show_oc.php?id=2204588
AMD MaxxMemm Rankings
960T @ 4.6GHz http://valid.canardpc.com/show_oc.php?id=2171450
RedwoodCustomPC
AM4
(4 items)
RCPC#1
(17 items)
Professional
(13 items)
CPU
Ryzen 2200G
Motherboard
ASRock X470 Taichi
GPU
MSI RX570 Armor MKII 8GB
Power Supply
GSKill Ripjaws PS850G
CPU
AMD Phenom II X6 960T
Motherboard
Asus M4A88T-VEVO
GPU
Asus Strix R7 370
RAM
SuperTalent Perfomance
RAM
GSkill Snipers
Hard Drive
Monster Daytona
Hard Drive
Seagate Barracuda 500GB 7,200 RPM 16Mb cache
Optical Drive
Memorex DVD/RW
Power Supply
Corsair GS500
Cooling
Corsair H60
Case
In Win H-Frame
Operating System
Windows 8N
Monitor
IBM 9494 19" LCD
Keyboard
IBM
Mouse
OCZ Behemoth
Mouse
Wolfking
Audio
JBL Creature
CPU
Phenom II X6 1100t
Motherboard
MSI 890FX GD65
GPU
MSI Radeon HD5670
RAM
GSkill RipjawsX DDR3 PC3 12800 2x4GB CL8
Hard Drive
WD Black 1TB SATA III
Optical Drive
Samsung BD
Power Supply
Kingwin Lazer Platinum 500w
Cooling
Zalman 9900MAX
Case
Fractal Design R3
Operating System
Windows 7 64 Professional
Monitor
AOC 22" LED
Keyboard
Logitech
Other
Samsung 470 SSD 128GB
▲ hide details ▲


Redwoodz is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off