CVE-2023-20579

Summary

Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorVariousaffected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 5000 Series Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 7045 Series Mobile Processorsvariousaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ Embedded V2000variousaffected
AMDAMD Ryzen™ Embedded V3000variousaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphicsvariousaffected
AMDAMD Ryzen™ 3000 Series Processors with Radeon™ Graphicsvariousaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References