VYPR
Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Oct 24, 2024

CVE-2023-20555

CVE-2023-20555

Description

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.

Affected products

16
  • AMD/Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso”v5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” FP5v5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”v5
    Range: various
  • AMD/Ryzen™ 3000 Series Desktop Processors “Matisse” AM4v5
    Range: various
  • AMD/Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Picasso”v5
    Range: various
  • AMD/Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” FP5v5
    Range: various
  • AMD/Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6v5
    Range: various
  • AMD/Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4v5
    Range: various
  • AMD/Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” AM4v5
    Range: various
  • AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”v5
    Range: various
  • AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”v5
    Range: various
  • AMD/Ryzen™ 6000 Series Mobile Processors "Rembrandt"v5
    Range: various
  • AMD/Ryzen™ 7000 Series Processors “Raphael”v5
    Range: various
  • AMD/Ryzen™ 7020 Series Mobile Processors “Mendocino”v5
    Range: various
  • AMD/Ryzen™ 7030 Series Mobile Processors “Barcelo”v5
    Range: various

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.