Description
Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
Affected products
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.0.E – PicassoPI-FP5 1.0.0.E
- AMD / AMD Radeon™ PRO V620 Graphics ProductsContact your AMD Customer Engineering representative – Contact your AMD Customer Engineering representative
- AMD / AMD Radeon™ PRO W6000 Series Graphics ProductsAMD Software: PRO Edition 23.Q4 (23.30.13.03) – AMD Software: PRO Edition 23.Q4 (23.30.13.03)
- AMD / AMD Radeon™ RX 6000 Series Graphics ProductsAMD Software: Adrenalin Edition 23.12.1 (23.30.13.01) – AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
- AMD / AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.0.E – PicassoPI-FP5 1.0.0.E
- AMD / AMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2 PI 1.2.0.5 – ComboAM4v2 PI 1.2.0.5
- AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.8 – RenoirPI-FP6 1.0.0.8
- AMD / AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6 1.0.0.8 – CezannePI-FP6 1.0.0.8
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_0.0.8.0 RC1 – RembrandtPI-FP7_0.0.8.0 RC1
- AMD / AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6 1.0.0.8 – CezannePI-FP6 1.0.0.8
- AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_0.0.8.0 RC1 – RembrandtPI-FP7_0.0.8.0 RC1
- AMD / AMD Ryzen™ Embedded R1000 Series ProcessorsEmbeddedPI-FP5_1.2.0.A – EmbeddedPI-FP5_1.2.0.A
- AMD / AMD Ryzen™ Embedded R2000 Series ProcessorsEmbeddedR2KPI-FP5_1.0.0.2 – EmbeddedR2KPI-FP5_1.0.0.2
- AMD / AMD Ryzen™ Embedded V1000 Series ProcessorsEmbeddedPI-FP5_1.2.0.A – EmbeddedPI-FP5_1.2.0.A
- AMD / AMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.6 – EmbeddedPI-FP6_1.0.0.6
- AMD / AMD Ryzen™ Embedded V3000 SeriesEmbeddedPI-FP7r2_1000 – EmbeddedPI-FP7r2_1000