Description
Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Affected products
- AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2PI 1.2.0.D – ComboAM4v2PI 1.2.0.D
- AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsComboAM4PI 1.0.0.C – ComboAM4PI 1.0.0.C
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.1.2a – PicassoPI-FP5 1.0.1.2a
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPollockPI-FT5 1.0.0.8a – PollockPI-FT5 1.0.0.8a
- AMD / AMD EPYC™ 7001 ProcessorsNaples PI 1.0.0.N – Naples PI 1.0.0.N
- AMD / AMD EPYC™ 7002 ProcessorsRome PI 1.0.0.K – Rome PI 1.0.0.K
- AMD / AMD EPYC™ 7003 ProcessorsMilan PI 1.0.0.E – Milan PI 1.0.0.E
- AMD / AMD EPYC™ 9004 ProcessorsGenoa PI 1.0.0.D – Genoa PI 1.0.0.D
- AMD / AMD EPYC™ Embedded 3000SnowyOwlPI 1.1.0.E – SnowyOwlPI 1.1.0.E
- AMD / AMD EPYC™ Embedded 7002EmbRomePI-SP3 1.0.0.D – EmbRomePI-SP3 1.0.0.D
- AMD / AMD EPYC™ Embedded 7003EmbMilanPI-SP3 1.0.0.A – EmbMilanPI-SP3 1.0.0.A
- AMD / AMD EPYC™ Embedded 9004EmbGenoaPI 1.0.0.9 – EmbGenoaPI 1.0.0.9
- AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.D – ComboAM4v2PI 1.2.0.D
- AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4PI 1.0.0.C – ComboAM4PI 1.0.0.C
- AMD / AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ GraphicsPicassoPI-FP5 1.0.1.2a – PicassoPI-FP5 1.0.1.2a
- AMD / AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.D – ComboAM4v2PI 1.2.0.D
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Ea – RenoirPI-FP6 1.0.0.Ea
- AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.D – ComboAM4v2PI 1.2.0.D
- AMD / AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.D – ComboAM4v2PI 1.2.0.D
- AMD / AMD Ryzen™ 5000 Series Processors with Radeon™ GraphicsCezannePI-FP6 1.0.1.1a – CezannePI-FP6 1.0.1.1a
- AMD / AMD Ryzen™ 6000 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Ba – RembrandtPI-FP7 1.0.0.Ba
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.a – ComboAM5PI 1.0.0.a
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.2b – ComboAM5PI 1.2.0.2b
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3b – ComboAM5PI 1.1.0.3b
- AMD / AMD Ryzen™ 7000 Series Mobile ProcessorsDragonRangeFL1PI 1.0.0.3f – DragonRangeFL1PI 1.0.0.3f
- AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6 1.0.0.7a – MendocinoPI-FT6 1.0.0.7a
- AMD / AMD Ryzen™ 7035 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Ba – RembrandtPI-FP7 1.0.0.Ba
- AMD / AMD Ryzen™ 7040 Series Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.1.8.0 – PhoenixPI-FP8-FP7 1.1.8.0
- AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5PI 1.2.0.2b – ComboAM5PI 1.2.0.2b
- AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5PI 1.1.0.3b – ComboAM5PI 1.1.0.3b
- AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.1.8.0 – PhoenixPI-FP8-FP7 1.1.8.0
- AMD / AMD Ryzen™ Embedded 5000EmbAM4PI 1.0.0.7 – EmbAM4PI 1.0.0.7
- AMD / AMD Ryzen™ Embedded 7000EmbeddedV2KAPI-FP6 1.0.0.7 – EmbeddedV2KAPI-FP6 1.0.0.7
- AMD / AMD Ryzen™ Embedded 8000EmbeddedPhoenixPI-FP7r2_1.2.0.0 – EmbeddedPhoenixPI-FP7r2_1.2.0.0
- AMD / AMD Ryzen™ Embedded R1000EmbeddedPI-FP5 1.2.0.F – EmbeddedPI-FP5 1.2.0.F
- AMD / AMD Ryzen™ Embedded R2000EmbeddedR2KPIFP5 1.0.0.5 – EmbeddedR2KPIFP5 1.0.0.5
- AMD / AMD Ryzen™ Embedded V1000EmbeddedPI-FP5 1.2.0.F – EmbeddedPI-FP5 1.2.0.F
- AMD / AMD Ryzen™Embedded V2000EmbeddedPI-FP6 1.0.0.B – EmbeddedPI-FP6 1.0.0.B
- AMD / AMD Ryzen™Embedded V3000EmbeddedPI_FP7R2 1.0.0.C – EmbeddedPI_FP7R2 1.0.0.C
- AMD / AMD Ryzen™ Threadripper™ 3000 Series ProcessorsCastlePeakPI-SP3r3 1.0.0.D – CastlePeakPI-SP3r3 1.0.0.D
- AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series ProcessorsChagallWSPI-sWRX8 1.0.0.9 – ChagallWSPI-sWRX8 1.0.0.9
- AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series ProcessorsCastlePeakWSPI-sWRX8 1.0.0.F – CastlePeakWSPI-sWRX8 1.0.0.F
- AMD / AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop ProcessorsChagallWSPI-sWRX8 1.0.0.9 – ChagallWSPI-sWRX8 1.0.0.9
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.1.0.0h – StormPeakPI-SP6 1.1.0.0h
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1j – StormPeakPI-SP6 1.0.0.1j