CVE-2023-20533

Description

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

High

Affected products

AMD / 2nd Gen AMD EPYC™ Processorsvarious – various
AMD / 3rd Gen AMD EPYC™ Processorsvarious – various
AMD / AMD EPYC™ Embedded 7002various – various
AMD / AMD EPYC™ Embedded 7003various – various
AMD / AMD Ryzen™ 5000 Series Desktop Processors “Vermeer”various – various
AMD / AMD Ryzen™ Embedded 5000various – various
AMD / AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTvarious – various
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WSvarious – various
AMD / AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3various – various
AMD / Ryzen™ 3000 Series Desktop Processors “Matisse”various – various

Description

CVSS breakdown

Affected products

References