Description
Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- AMD / AMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.6 – TurinPI 1.0.0.6
- AMD / AMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5_1.0.0.1 – EmbTurinPI-SP5_1.0.0.1
- AMD / AMD Ryzen™ 9000HX Series ProcessorsFireRangeFL1 PI-1.0.0.0d – FireRangeFL1 PI-1.0.0.0d
- AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5 PI 1.2.0.3h – ComboAM5 PI 1.2.0.3h
- AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0d – StrixKrackanPI-FP8_1.1.0.0d
- AMD / AMD Ryzen™ AI 300 Series ProcessorsGorgonPI-FP8_1.0.0.0 – GorgonPI-FP8_1.0.0.0
- AMD / AMD Ryzen™ AI 400 Series ProcessorsGorgonPI-FP8_1.0.0.0 – GorgonPI-FP8_1.0.0.0
- AMD / AMD Ryzen™ AI Max 300 Series ProcessorsStrixHaloPI-FP11_1.0.0.1c – StrixHaloPI-FP11_1.0.0.1c
- AMD / AMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6_1.0.0.1b – ShimadaPeakPI-SP6_1.0.0.1b
- AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1b – ShimadaPeakPI-SP6_1.0.0.1b
- AMD / AMD Ryzen™ Z2 Series Processors ExtremeStrixKrackanPI-FP8_1.1.0.0d – StrixKrackanPI-FP8_1.1.0.0d