Description
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
High
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- AMD / AMD EPYC™ 4004ComboAM5PI 1.1.0.3d – ComboAM5PI 1.1.0.3d
- AMD / AMD EPYC™ 4005ComboAM5 1.2.0.3j – ComboAM5 1.2.0.3j
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bg – RembrandtPI-FP7_1.0.0.Bg
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.3j – ComboAM5PI 1.2.0.3j
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.e – ComboAM5PI 1.0.0.e
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3g – ComboAM5PI 1.1.0.3g
- AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
- AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1_1.0.0.3l – DragonRangeFL1_1.0.0.3l
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.2.0.3j – ComboAM5PI 1.2.0.3j
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.1.0.3g – ComboAM5PI 1.1.0.3g
- AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
- AMD / AMD Ryzen™ 9000HX Series Mobile ProcessorsFireRangeFL1PI 1.0.0.0f – FireRangeFL1PI 1.0.0.0f
- AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3j – ComboAM5PI 1.2.0.3j
- AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.2e – StrixKrackanPI-FP8_1.1.0.2e
- AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0f – StrixKrackanPI-FP8_1.1.0.0f
- AMD / AMD Ryzen™ AI Max +StrixHaloPI-FP11_1.0.0.2b – StrixHaloPI-FP11_1.0.0.2b
- AMD / AMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.7 – EmbeddedAM5PI 1.0.0.7
- AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.4 – EmbeddedPhoenixPI-FP7r2_1.0.0.4
- AMD / AMD Ryzen™ Embedded 9000 Series ProcessorsEmbeddedAM5PI 1.0.0.7 – EmbeddedAM5PI 1.0.0.7
- AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1012 – Embedded-PI_FP7r2 1012
- AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsStormPeakPI-SP6 1.1.0.0k – StormPeakPI-SP6 1.1.0.0k
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1m – StormPeakPI-SP6 1.0.0.1m
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.1.0.0k – StormPeakPI-SP6 1.1.0.0k