Description
Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- AMD / AMD Instinct™ MI210ROCm 6.4 – ROCm 6.4
- AMD / AMD Instinct™ MI250ROCm 6.4 – ROCm 6.4
- AMD / AMD Radeon™ PRO V710 Graphics ProductsContact your AMD Customer Engineering representative – Contact your AMD Customer Engineering representative
- AMD / AMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: PRO Edition 24.Q2 (24.10.20)
- AMD / AMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
- AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2PI_1.2.0.CA – ComboAM4v2PI_1.2.0.CA
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoir-FP6_ 1.0.0.D – Renoir-FP6_ 1.0.0.D
- AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI_1.2.0.CA – ComboAM4v2PI_1.2.0.CA
- AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezanne-FP6_1.0.1.0 – Cezanne-FP6_1.0.1.0
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandt-FP7_1.0.0.A – Rembrandt-FP7_1.0.0.A
- AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6_1.0.0.6 – MendocinoPI-FT6_1.0.0.6
- AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsCezanne-FP6_1.0.1.0 – Cezanne-FP6_1.0.1.0
- AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.1.0.2 – PhoenixPI-FP8-FP7_1.1.0.2
- AMD / AMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.A – EmbeddedPI-FP6_1.0.0.A
- AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1009 – Embedded-PI_FP7r2 1009