CVE-2023-20596

Description

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

Affected products

• AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"various – various
• AMD / AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”various – various
• AMD / Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4various – various
• AMD / Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”various – various
• AMD / Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael”various – various
• AMD / Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3Dvarious – various
• AMD / Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”various – various

References

• MISChttps://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011