Description
Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
High
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- AMD / AMD EPYC™ 4004ComboAM5PI 1.1.0.3d – ComboAM5PI 1.1.0.3d
- AMD / AMD EPYC™ 4005ComboAM5 1.2.0.3j – ComboAM5 1.2.0.3j
- AMD / AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bg – RembrandtPI-FP7_1.0.0.Bg
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3g – ComboAM5PI 1.1.0.3g
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5-PI_1.0.0.e – ComboAM5-PI_1.0.0.e
- AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5 1.2.0.3j – ComboAM5 1.2.0.3j
- AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0f – PhoenixPI-FP8-FP7_1.2.0.0f
- AMD / AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1_1.0.0.3l – DragonRangeFL1_1.0.0.3l
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.1.0.3g – ComboAM5PI 1.1.0.3g
- AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5 1.2.0.3j – ComboAM5 1.2.0.3j
- AMD / AMD Ryzen™ 9000HX Series Mobile ProcessorsFireRangeFL1PI 1.0.0.0f – FireRangeFL1PI 1.0.0.0f
- AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5 1.2.0.3j – ComboAM5 1.2.0.3j
- AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0f – StrixKrackanPI-FP8_1.1.0.0f
- AMD / AMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.2e – StrixKrackanPI-FP8_1.1.0.2e
- AMD / AMD Ryzen™ AI Max +StrixHaloPI-FP11_1.0.0.2b – StrixHaloPI-FP11_1.0.0.2b
- AMD / AMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.5 – EmbeddedAM5PI 1.0.0.5
- AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.4 – EmbeddedPhoenixPI-FP7r2_1.0.0.4
- AMD / AMD Ryzen™ Embedded 9000 Series ProcessorsEmbeddedAM5PI 1.0.0.7 – EmbeddedAM5PI 1.0.0.7
- AMD / AMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 100F – Embedded-PI_FP7r2 100F
- AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsStormPeakPI-SP6 1.1.0.0k – StormPeakPI-SP6 1.1.0.0k
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1m – StormPeakPI-SP6 1.0.0.1m
- AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6_1.1.0.0k – StormPeakPI-SP6_1.1.0.0k