CVE-2022-23820

Summary

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen™ 3000 series Desktop Processors “Matisse"variousaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors “Vermeer”variousaffected
AMDAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”variousaffected
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso” AM4variousaffected
AMDAMD Ryzen™ Threadripper™ 2000 Series Processors “Colfax”Variousaffected
AMDAMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTvariousaffected
AMDAMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3variousaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WSvariousaffected
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”variousaffected
AMDAMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics “Picasso” FP5variousaffected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6variousaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”variousaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”variousaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics “Rembrandt”variousaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”variousaffected
AMDAMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”variousaffected
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”variousaffected
AMD3rd Gen AMD EPYC™ Processorsvariousaffected
AMDAMD EPYC™ Embedded 7003variousaffected
AMDAMD EPYC™ Embedded 7003variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References