Description
Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Affected products
- AMD / AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.CA – ComboAM4v2PI 1.2.0.CA
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.D – RenoirPI-FP6 1.0.0.D
- AMD / AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.CA – ComboAM4v2PI 1.2.0.CA
- AMD / AMD Ryzen™ 5000 Series Processors with Radeon™ GraphicsCezanne-FP6 1.0.1.0 – Cezanne-FP6 1.0.1.0
- AMD / AMD Ryzen™ 6000 Series Processor with Radeon™ GraphicsRembrandt-FP7 1.0.0.A – Rembrandt-FP7 1.0.0.A
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5 1.1.0.2 – ComboAM5 1.1.0.2
- AMD / AMD Ryzen™ 7000 Series Mobile ProcessorsDragonRangeFL1PI 1.0.0.3C – DragonRangeFL1PI 1.0.0.3C
- AMD / AMD Ryzen™ 7035 Series Processor with Radeon™ GraphicsRembrandt-FP7 1.0.0.A – Rembrandt-FP7 1.0.0.A
- AMD / AMD Ryzen™ 7040 Series Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.1.0.2 – PhoenixPI-FP8-FP7 1.1.0.2
- AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5 1.1.0.2 – ComboAM5 1.1.0.2
- AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.1.0.2 – PhoenixPI-FP8-FP7 1.1.0.2
- AMD / AMD Ryzen™ Embedded 7000EmbeddedAM5PI 1.0.0.1 – EmbeddedAM5PI 1.0.0.1
- AMD / AMD Ryzen™Embedded V2000EmbeddedPI-FP6 1.0.0.9 – EmbeddedPI-FP6 1.0.0.9
- AMD / AMD Ryzen™Embedded V3000Embedded-PI FP7r2 1.0.0.9 – Embedded-PI FP7r2 1.0.0.9