Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Oct 24, 2024
CVE-2023-20555
CVE-2023-20555
Description
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
Affected products
16- AMD/Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso”v5Range: various
- AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” FP5v5Range: various
- AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”v5Range: various
- AMD/Ryzen™ 3000 Series Desktop Processors “Matisse” AM4v5Range: various
- AMD/Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Picasso”v5Range: various
- AMD/Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” FP5v5Range: various
- AMD/Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6v5Range: various
- AMD/Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4v5Range: various
- AMD/Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” AM4v5Range: various
- AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”v5Range: various
- AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”v5Range: various
- AMD/Ryzen™ 6000 Series Mobile Processors "Rembrandt"v5Range: various
- AMD/Ryzen™ 7000 Series Processors “Raphael”v5Range: various
- AMD/Ryzen™ 7020 Series Mobile Processors “Mendocino”v5Range: various
- AMD/Ryzen™ 7030 Series Mobile Processors “Barcelo”v5Range: various
Patches
Vulnerability mechanics
References
1- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003mitrevendor-advisory
News mentions
0No linked articles in our index yet.