Description
Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
CVSS breakdown
CVSS 4.0
- Attack Vector: Local
- Attack Complexity: High
- Attack Requirements: Present
- Privileges Required: Low
- User Interaction: None
- Confidentiality (Vulnerable System): High
- Integrity (Vulnerable System): High
- Availability (Vulnerable System): High
- Confidentiality (Subsequent System): None
- Integrity (Subsequent System): None
- Availability (Subsequent System): None
Affected products
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | PicassoPI-FP5 1.0.0.E – PicassoPI-FP5 1.0.0.E
- AMD / AMD Instinct™ MI210 | ROCm 7.0 – ROCm 7.0
- AMD / AMD Instinct™ MI250 | ROCm 7.0 – ROCm 7.0
- AMD / AMD Radeon™ PRO W5000 Series Graphics Products | AMD Software: PRO Edition 22.Q2 (22.10.20) – AMD Software: PRO Edition 22.Q2 (22.10.20)
- AMD / AMD Radeon™ PRO W6000 Series Graphics Products | AMD Software: PRO Edition 22.Q2 (22.10.20) – AMD Software: PRO Edition 22.Q2 (22.10.20)
- AMD / AMD Radeon™ RX 5000 Series Graphics Products | AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01) – AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
- AMD / AMD Radeon™ RX 6000 Series Graphics Products | AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01) – AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
- AMD / AMD Ryzen™ 2000 Mobile Processors | ComboAM4PI 1.0.0.9 – ComboAM4PI 1.0.0.9
- AMD / AMD Ryzen™ 2000 Mobile Processors | ComboAM4v2 PI 1.2.0.8 – ComboAM4v2 PI 1.2.0.8
- AMD / AMD Ryzen™ 3000 Series Desktop Processors | ComboAM4V1 1.0.0.A – ComboAM4V1 1.0.0.A
- AMD / AMD Ryzen™ 3000 Series Desktop Processors | ComboAM4V2 1.2.0.9 – ComboAM4V2 1.2.0.9
- AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics | PicassoPI-FP5 1.0.0.E – PicassoPI-FP5 1.0.0.E
- AMD / AMD Ryzen™ 4000 Series Desktop Processors | ComboAM4v2 PI 1.2.0.8 – ComboAM4v2 PI 1.2.0.8
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | RenoirPI-FP6 1.0.0.A – RenoirPI-FP6 1.0.0.A
- AMD / AMD Ryzen™ 5000 Series Desktop Processors | ComboAM4v2 PI 1.2.0.8 – ComboAM4v2 PI 1.2.0.8
- AMD / AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics | ComboAM4v2 PI 1.2.0.8 – ComboAM4v2 PI 1.2.0.8
- AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics | CezannePI-FP6 1.0.0.C – CezannePI-FP6 1.0.0.C
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics | RembrandtPI-FP7_1.0.0.5 – RembrandtPI-FP7_1.0.0.5
- AMD / AMD Ryzen™ Embedded 5000 Series Processors | EmbAM4PI 1.0.0.2 – EmbAM4PI 1.0.0.2
- AMD / AMD Ryzen™ Embedded R1000 Series Processors | EmbeddedPI-FP5_1.2.0.A – EmbeddedPI-FP5_1.2.0.A
- AMD / AMD Ryzen™ Embedded R2000 Series Processors | EmbeddedR2KPI-FP5 1.0.0.2 – EmbeddedR2KPI-FP5 1.0.0.2
- AMD / AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") | EmbeddedPI-FP5_1.2.0.A – EmbeddedPI-FP5_1.2.0.A
- AMD / AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") | EmbeddedPI-FP5_1.2.0.A – EmbeddedPI-FP5_1.2.0.A
- AMD / AMD Ryzen™ Embedded V2000 Series Processor | EmbeddedPI-FP6_1.0.0.8 – EmbeddedPI-FP6_1.0.0.8
- AMD / AMD Ryzen™ Embedded V3000 Series Processors | EmbeddedPI-FP7r2_1002 – EmbeddedPI-FP7r2_1002
- AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors | ChagallWSPI-sWRX8 1.0.0.5 – ChagallWSPI-sWRX8 1.0.0.5
- AMD / AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors | CastlePeakWSPI-sWRX8 1.0.0.A – CastlePeakWSPI-sWRX8 1.0.0.A
- AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors | ChagallWSPI-sWRX8 1.0.0.5 – ChagallWSPI-sWRX8 1.0.0.5
- AMD / MI-100 | ROCm 6.4.2 – ROCm 6.4.2
- AMD / MI-25 / 50 | No fix planned – No fix planned
References
- MISC: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html
- MISC: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html
- MISC: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html
- MISC: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html