Vulnerabilites related to AMD - AMD EPYC™ Embedded 7003
cve-2023-20533
Vulnerability from cvelistv5
Published
2023-11-14 18:52
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Ryzen™ 3000 series Desktop Processors “Matisse" |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:36.915Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 3000 series Desktop Processors “Matisse\"", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:34:28.851Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20533", datePublished: "2023-11-14T18:52:52.106Z", dateReserved: "2022-10-27T18:53:39.739Z", dateUpdated: "2024-08-02T09:05:36.915Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31356
Vulnerability from cvelistv5
Published
2024-08-13 16:54
Modified
2025-02-11 22:48
Severity ?
EPSS score ?
Summary
Incomplete system memory cleanup in SEV firmware could
allow a privileged attacker to corrupt guest private memory, potentially
resulting in a loss of data integrity.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7003 Processors | |||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-31356", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T15:46:30.501050Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459 Incomplete Cleanup", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-30T18:53:56.973Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.C", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbMilanPI-SP3 1.0.0.8\"", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9004", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.6", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Incomplete system memory cleanup in SEV firmware could\nallow a privileged attacker to corrupt guest private memory, potentially\nresulting in a loss of data integrity.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Incomplete system memory cleanup in SEV firmware could\nallow a privileged attacker to corrupt guest private memory, potentially\nresulting in a loss of data integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459 Incomplete Cleanup", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T22:48:16.160Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31356", datePublished: "2024-08-13T16:54:23.979Z", dateReserved: "2023-04-27T15:25:41.428Z", dateUpdated: "2025-02-11T22:48:16.160Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23829
Vulnerability from cvelistv5
Published
2024-06-18 19:01
Modified
2024-08-29 20:40
Severity ?
EPSS score ?
Summary
A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:46.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1041.html", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:amd:ryzen_threadripper_pro_5945wx:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_threadripper_pro_5955wx:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_threadripper_pro_5965wx:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_threadripper_pro_5975wx:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_threadripper_pro_5995wx:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_pro_5995wx", vendor: "amd", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:ryzen_6600h:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6600hs:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6600u:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6800h:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6800hs:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6800u:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6900hs:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6900hx:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6980hs:-:*:*:*:*:*:*:*", "cpe:2.3:h:amd:ryzen_6980hx:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_6980hx", vendor: "amd", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-23829", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-05T17:32:15.481387Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-29T20:40:26.171Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO Processors 5900 WX-Series", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Mobile Processors and Workstations", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor / 2nd Gen AMD Ryzen™ Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO Processor", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "1st Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC (TM) Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded R1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded R2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded 5000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded V1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded V2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded V3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2024-06-11T18:54:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.</span>\n\n", }, ], value: "A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T19:01:57.007Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1041.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2022-23829", datePublished: "2024-06-18T19:01:24.315Z", dateReserved: "2022-01-21T17:20:55.781Z", dateUpdated: "2024-08-29T20:40:26.171Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31342
Vulnerability from cvelistv5
Published
2025-02-11 22:24
Modified
2025-02-12 15:35
Severity ?
EPSS score ?
Summary
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7003 Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-31342", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-12T15:35:29.149040Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:35:57.126Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD Instinct™ MI300A", vendor: "AMD", versions: [ { status: "unaffected", version: "MI300API 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "Pollock-FT5 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "Picasso-FP5 1.0.1.1", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.D", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "Cezanne-FP6 1.0.1.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "Rembrandt-FP7 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "Rembrandt-FP7 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PhoenixPI-FP8-FP7 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9004", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.1", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "Embedded-PI FP7r2 1.0.0.9", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.", }, ], value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T22:24:02.153Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31342", datePublished: "2025-02-11T22:24:02.153Z", dateReserved: "2023-04-27T15:25:41.425Z", dateUpdated: "2025-02-12T15:35:57.126Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20578
Vulnerability from cvelistv5
Published
2024-08-13 16:52
Modified
2025-03-18 20:03
Severity ?
EPSS score ?
Summary
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:amd:epyc_7001:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7001", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.k", }, ], }, { cpes: [ "cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7002", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.g", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_9004:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9004", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.2", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_3000", vendor: "amd", versions: [ { status: "unaffected", version: "1.1.0.a", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7002:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7002", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.a", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7003", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.7", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_9003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_9003", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.0", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_7000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_7000", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.0", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v3000", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.8", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-20578", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T15:56:35.845479Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-367", description: "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T20:03:43.905Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", packageName: "PI", product: "AMD EPYC™ 7001 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "NaplesPI 1.0.0.K", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.G", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.0.1", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "unaffected", version: "SnowyOwl PI 1.1.0.A", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.8", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\"> A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow\nan attacker with ring0 privileges and access to the\nBIOS menu or UEFI shell to modify the communications <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">buffer </a>potentially\nresulting in arbitrary code execution.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow\nan attacker with ring0 privileges and access to the\nBIOS menu or UEFI shell to modify the communications buffer potentially\nresulting in arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:52:58.457Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20578", datePublished: "2024-08-13T16:52:58.457Z", dateReserved: "2022-10-27T18:53:39.757Z", dateUpdated: "2025-03-18T20:03:43.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-46774
Vulnerability from cvelistv5
Published
2023-11-14 18:52
Modified
2024-10-11 18:07
Severity ?
EPSS score ?
Summary
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Ryzen™ 3000 series Desktop Processors “Matisse" |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T05:17:42.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-46774", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T17:51:52.542045Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:07:59.642Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 3000 series Desktop Processors “Matisse\"", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "1st Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:31:43.449Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-46774", datePublished: "2023-11-14T18:52:11.012Z", dateReserved: "2022-03-31T16:50:27.874Z", dateUpdated: "2024-10-11T18:07:59.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21925
Vulnerability from cvelistv5
Published
2025-02-11 20:39
Modified
2025-02-12 15:35
Severity ?
EPSS score ?
Summary
Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-21925", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-11T21:01:07.683566Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:35:34.994Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "AMD EPYC™ 7001 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "Naples PI 1.0.0.N", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ 7002 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "Rome PI 1.0.0.K", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "Genoa PI 1.0.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "Milan PI 1.0.0.E", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.C", }, { status: "unaffected", version: "ComboAM4v2PI 1.2.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5PI 1.2.0.2b", }, { status: "unaffected", version: "ComboAM5PI 1.1.0.3b", }, { status: "unaffected", version: "ComboAM5PI 1.0.0.a", }, ], }, { defaultStatus: "unknown", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.C", }, { status: "unaffected", version: "ComboAM4v2PI 1.2.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5PI 1.2.0.2b", }, { status: "unaffected", version: "ComboAM5PI 1.1.0.3b", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.F", }, { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "StormPeakPI-SP6 1.1.0.0h", }, { status: "unaffected", version: "StormPeakPI-SP6 1.0.0.1j", }, ], }, { defaultStatus: "unknown", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.1.2a", }, { status: "unaffected", version: "PollockPI-FT5 1.0.0.8a", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.1.2a", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.Ea", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.1.1a", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.7a", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.Ba", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.Ba", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PhoenixPI-FP8-FP7 1.1.8.0", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PhoenixPI-FP8-FP7 1.1.8.0", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ 7000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3f", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "unaffected", version: "SnowyOwlPI 1.1.0.E", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.D", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.A", }, ], }, { defaultStatus: "unknown", product: "AMD EPYC™ Embedded 9004", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI 1.0.0.9", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.7", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedV2KAPI-FP6 1.0.0.7", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.B", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI_FP7R2 1.0.0.C", }, ], }, { defaultStatus: "unknown", product: "AMD Ryzen™ Embedded 8000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPhoenixPI-FP7r2_1.2.0.0", }, ], }, ], datePublic: "2025-02-11T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.", }, ], value: "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T20:39:03.746Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2024-21925", datePublished: "2025-02-11T20:39:03.746Z", dateReserved: "2024-01-03T16:43:09.232Z", dateUpdated: "2025-02-12T15:35:34.994Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21980
Vulnerability from cvelistv5
Published
2024-08-05 16:06
Modified
2024-08-05 21:00
Severity ?
EPSS score ?
Summary
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7003_firmware", vendor: "amd", versions: [ { lessThan: "milanpi_1.0.0.9_sp3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9003_firmware", vendor: "amd", versions: [ { lessThan: "genoapi_1.0.0.7_sp5", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7773x_firmware", vendor: "amd", versions: [ { lessThan: "milanpi_1.0.0.d", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9754s_firmware", vendor: "amd", versions: [ { lessThan: "genoapi_1.0.0.c", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-21980", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-05T20:52:33.557459Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-05T21:00:57.665Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "MilanPI 1.0.0.D", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "GenoaPI 1.0.0.C", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { lessThan: "EmbMilanPI-SP3 1.0.0.9", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { lessThan: "EmbGenoaPI-SP5 1.0.0.7", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, ], datePublic: "2024-08-05T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.</span>\n\n</span>", }, ], value: "Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-05T16:06:36.216Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2024-21980", datePublished: "2024-08-05T16:06:36.216Z", dateReserved: "2024-01-03T16:43:30.197Z", dateUpdated: "2024-08-05T21:00:57.665Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31343
Vulnerability from cvelistv5
Published
2025-02-11 22:35
Modified
2025-02-12 15:35
Severity ?
EPSS score ?
Summary
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7003 Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-31343", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-12T15:34:57.941103Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:35:05.712Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD Instinct™ MI300A", vendor: "AMD", versions: [ { status: "unaffected", version: "MI300API 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Pollock-FT5 1.0.0.7\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Picasso-FP5 1.0.1.1\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"RenoirPI-FP6 1.0.0.D\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Cezanne-FP6 1.0.1.0\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"MendocinoPI-FT6 1.0.0.6\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Rembrandt-FP7 1.0.0.A\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Rembrandt-FP7 1.0.0.A\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"PhoenixPI-FP8-FP7 1.1.0.2\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "\"DragonRangeFL1PI 1.0.0.3C\"", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbMilanPI-SP3 1.0.0.8\"", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 9004", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.6", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded R1000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbeddedPI-FP5 1.2.0.C\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000", vendor: "AMD", versions: [ { status: "affected", version: "\"EmbeddedR2KPI-FP5 1.0.0.3\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbAM4PI 1.0.0.5\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.1", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbeddedPI-FP6 1.0.0.9\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Embedded-PI FP7r2 1.0.0.9\"", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.<br>", }, ], value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T22:35:04.110Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31343", datePublished: "2025-02-11T22:35:04.110Z", dateReserved: "2023-04-27T15:25:41.426Z", dateUpdated: "2025-02-12T15:35:05.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21978
Vulnerability from cvelistv5
Published
2024-08-05 16:05
Modified
2024-08-05 17:36
Severity ?
EPSS score ?
Summary
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7003_firmware", vendor: "amd", versions: [ { lessThan: "milanpi_1.0.0.9_sp3", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9003_firmware", vendor: "amd", versions: [ { lessThan: "genoapi_1.0.0.7_sp5", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7773x_firmware", vendor: "amd", versions: [ { lessThan: "milanpi_1.0.0.d", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9754s_firmware", vendor: "amd", versions: [ { lessThan: "genoapi_1.0.0.c", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-21978", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-05T17:01:18.171419Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-05T17:36:02.731Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "MilanPI 1.0.0.D", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "GenoaPI 1.0.0.C", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { lessThan: "EmbMilanPI-SP3 1.0.0.9", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { lessThan: "EmbGenoaPI-SP5 1.0.0.7", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, ], datePublic: "2024-08-05T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.</span>\n\n</span>\n\n</span>", }, ], value: "Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-05T16:05:34.019Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2024-21978", datePublished: "2024-08-05T16:05:34.019Z", dateReserved: "2024-01-03T16:43:30.197Z", dateUpdated: "2024-08-05T17:36:02.731Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26345
Vulnerability from cvelistv5
Published
2023-11-14 18:53
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 2nd Gen AMD EPYC™ Processors |
Version: various |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:26:24.909Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:38:22.990Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-3002, AMD-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26345", datePublished: "2023-11-14T18:53:20.979Z", dateReserved: "2021-01-29T21:24:26.145Z", dateUpdated: "2024-08-03T20:26:24.909Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23830
Vulnerability from cvelistv5
Published
2023-11-14 18:53
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:45.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "4th Gen AMD EPY™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:41:52.383Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2022-23830", datePublished: "2023-11-14T18:53:28.408Z", dateReserved: "2022-01-21T17:20:55.781Z", dateUpdated: "2024-08-03T03:51:45.987Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31345
Vulnerability from cvelistv5
Published
2025-02-11 23:49
Modified
2025-02-12 15:33
Severity ?
EPSS score ?
Summary
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7003 Processors |
Version: MilanPI 1.0.0.C |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-31345", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-12T15:32:58.953979Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:33:04.071Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "affected", version: "MilanPI 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD Instinct™ MI300A", vendor: "AMD", versions: [ { status: "unaffected", version: "MI300API 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2PI 1.2.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.1.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Pollock-FT5 1.0.0.7\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Picasso-FP5 1.0.1.1\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"RenoirPI-FP6 1.0.0.D\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Cezanne-FP6 1.0.1.0\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"MendocinoPI-FT6 1.0.0.6\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Rembrandt-FP7 1.0.0.A\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Rembrandt-FP7 1.0.0.A\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "\"PhoenixPI-FP8-FP7 1.1.0.2\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "\"DragonRangeFL1PI 1.0.0.3C\"", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbMilanPI-SP3 1.0.0.8\"", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9004", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbAM4PI 1.0.0.5\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.1", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"EmbeddedPI-FP6 1.0.0.9\"", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "\"Embedded-PI FP7r2 1.0.0.9\"", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.", }, ], value: "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T23:49:05.388Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31345", datePublished: "2025-02-11T23:49:05.388Z", dateReserved: "2023-04-27T15:25:41.427Z", dateUpdated: "2025-02-12T15:33:04.071Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31315
Vulnerability from cvelistv5
Published
2024-08-09 17:08
Modified
2024-09-12 12:56
Severity ?
EPSS score ?
Summary
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-12T12:56:32.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.darkreading.com/remote-workforce/amd-issues-updates-for-silicon-level-sinkclose-flaw", }, { url: "https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Enrique%20Nissim%20Krzysztof%20Okupski%20-%20AMD%20Sinkclose%20Universal%20Ring-2%20Privilege%20Escalation.pdf", }, { url: "https://news.ycombinator.com/item?id=41475975", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, { affected: [ { cpes: [ "cpe:2.3:h:amd:1st_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "1st_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "naples.pi.1.0.0.m", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:3rd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "3rd_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "milan.pi.1.0.0.d", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:2nd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "2nd_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "rome.pi.1.0.0.j", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_3000_series_desktop_processors", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:h:amd:4th_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "4th_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "genoa_pi_1.0.0.c", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_3000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7002:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7002", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7003", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_9003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_9003", vendor: "amd", versions: [ { lessThan: "emgenoa.pi.1.0.0.7", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_r1000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_r2000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_7000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_7000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_5000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v1000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v1000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v3000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v2000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v2000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7040_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "phoenixpi-fp8-fp7.1.1.0.3", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_desktop_processors", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7000_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7000_desktop_processors", vendor: "amd", versions: [ { lessThan: "comboam5pi.1.2.0.1", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_4000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_4000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_3000_series_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_3000_series_processors", vendor: "amd", versions: [ { lessThan: "castlepeakpl-sp3r3.1.0.0.b", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_pro_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_pro_processors", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, { lessThan: "castlepeakwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_pro_3000wx_series_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_pro_3000wx_series_processors", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:athlon_3000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "athlon_3000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "picasso-fp5.1.0.1.2", status: "affected", version: "various", versionType: "python", }, { lessThan: "pollockpi-ft5.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_3000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "picasso-fp5.1.0.1.2", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_4000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_4000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "renoirpi-fp6.1.0.0.e", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6.1.0.1.1", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7030_series-mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7030_series-mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7045_series_mobile_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7045_series_mobile_processors", vendor: "amd", versions: [ { lessThan: "dragonrangefl1.1.0.0.3e", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_6000_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_6000_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "remembrandtpi-fp7.1.0.0.b", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7020_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7020_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "mendocinopi-ft6.1.0.0.7", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7035_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7035_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "remembrandtpi-fp7.1.0.0.b", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_8000_series_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_8000_series_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "comboam5pi.1.2.0.1", status: "unaffected", version: "various", versionType: "python", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2023-31315", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-09T17:29:59.373286Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-27T14:54:02.319Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Milan PI 1.0.0.D", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "1st Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Naples PI 1.0.0.M", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Rome PI 1.0.0.J", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Genoa PI 1.0.0.C", status: "unaffected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { lessThan: "EmbGenoaPI 1.0.0.7", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { lessThan: "ComboAM5PI 1.2.0.1", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { lessThan: "CastlePeakPI-SP3r3 1.0.0.B", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO Processors", vendor: "AMD", versions: [ { lessThan: "ChagallWSPI-sWRX8 1.0.0.8", status: "affected", version: "various", versionType: "PI", }, { lessThan: "CastlePeakWSPI-sWRX8 1.0.0.D", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { lessThan: "ChagallWSPI-sWRX8 1.0.0.8", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "Picasso-FP5 1.0.1.2", status: "unaffected", version: "various", versionType: "PI", }, { lessThan: "PollockPI-FT5 1.0.0.8", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "Picasso-FP5 1.0.1.2", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RenoirPI-FP6 1.0.0.E", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "CezannePI-FP6 1.0.1.1", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "CezannePI-FP6", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "PhoenixPI-FP8-FP7 1.1.0.3", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { lessThan: "DragonRangeFL1 1.0.0.3e", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RembrandtPI-FP7 1.0.0.B", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "MendocinoPI-FT6 1.0.0.7", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RembrandtPI-FP7 1.0.0.B", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 8000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM5PI 1.2.0.1", status: "unaffected", version: "various", versionType: "PI", }, ], }, ], datePublic: "2024-08-09T12:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.</span>", }, ], value: "Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T15:37:24.501Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31315", datePublished: "2024-08-09T17:08:24.237Z", dateReserved: "2023-04-27T15:25:41.423Z", dateUpdated: "2024-09-12T12:56:32.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23820
Vulnerability from cvelistv5
Published
2023-11-14 18:52
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM potentially leading to arbitrary
code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Ryzen™ 3000 series Desktop Processors “Matisse" |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:46.067Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 3000 series Desktop Processors “Matisse\"", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM4", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ 2000 Series Processors “Colfax”", vendor: "AMD", versions: [ { status: "affected", version: "Various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics “Picasso” FP5", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics \"Rembrandt\"", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.\n\n\n\n\n\n\n\n<br>", }, ], value: "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:28:41.324Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2022-23820", datePublished: "2023-11-14T18:52:21.457Z", dateReserved: "2022-01-21T17:20:55.778Z", dateUpdated: "2024-08-03T03:51:46.067Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31355
Vulnerability from cvelistv5
Published
2024-08-05 16:04
Modified
2024-08-06 14:58
Severity ?
EPSS score ?
Summary
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
References
| ▼ | URL | Tags |
|---|---|---|
| https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-31355", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-06T14:07:12.426239Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-06T14:58:40.899Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "MilanPI 1.0.0.D", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "GenoaPI 1.0.0.C", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { lessThan: "EmbMilanPI-SP3 1.0.0.9", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { lessThan: "EmbGenoaPI-SP5 1.0.0.7", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, ], datePublic: "2024-08-05T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.</span>\n\n</span>\n\n</span>\n\n</span>", }, ], value: "Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-05T16:04:24.813Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31355", datePublished: "2024-08-05T16:04:24.813Z", dateReserved: "2023-04-27T15:25:41.428Z", dateUpdated: "2024-08-06T14:58:40.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20521
Vulnerability from cvelistv5
Published
2023-11-14 18:52
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory | |
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM4 |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-20521", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2023-11-27T19:38:18.334372Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-26T14:56:31.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T09:05:36.873Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM4", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ Threadripper™ 2000 Series Processors “Colfax”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” FP5", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics “Picasso” FP5", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "1st Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded R1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded R2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded V1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:42:56.250Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20521", datePublished: "2023-11-14T18:52:31.662Z", dateReserved: "2022-10-27T18:53:39.737Z", dateUpdated: "2024-08-02T09:05:36.873Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20566
Vulnerability from cvelistv5
Published
2023-11-14 18:54
Modified
2024-12-03 14:26
Severity ?
EPSS score ?
Summary
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:36.943Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20566", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2023-11-27T20:58:09.078592Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T14:26:45.381Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "unaffected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n<br>", }, ], value: "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-18T18:36:52.542Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002", }, ], source: { advisory: "AMD-SB-3002", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20566", datePublished: "2023-11-14T18:54:00.908Z", dateReserved: "2022-10-27T18:53:39.753Z", dateUpdated: "2024-12-03T14:26:45.381Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }