CVE-2024-36347

Description

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsComboAM4PI 1.0.0.D – ComboAM4PI 1.0.0.D
AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2PI 1.2.0.E – ComboAM4v2PI 1.2.0.E
AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.1.2b – PicassoPI-FP5 1.0.1.2b
AMD / AMD EPYC™ 4004 SeriesComboAM5PI1.0.0.a – ComboAM5PI1.0.0.a
AMD / AMD EPYC™ 4004 SeriesComboAM5PI1.1.0.3c – ComboAM5PI1.1.0.3c
AMD / AMD EPYC™ 4004 SeriesComboAM5PI1.2.0.3 – ComboAM5PI1.2.0.3
AMD / AMD EPYC™ 7001 SeriesNaplesPI 1.0.0.P – NaplesPI 1.0.0.P
AMD / AMD EPYC™ 7002 SeriesRomePI 1.0.0.L – RomePI 1.0.0.L
AMD / AMD EPYC™ 7003 SeriesMilanPI 1.0.0.F – MilanPI 1.0.0.F
AMD / AMD EPYC™ 9004 SeriesGenoa 1.0.0.E – Genoa 1.0.0.E
AMD / AMD EPYC™ 9005 SeriesTurinPI 1.0.0.4 – TurinPI 1.0.0.4
AMD / AMD EPYC™ Embedded 3000SnowyOwl PI 1.1.0.E – SnowyOwl PI 1.1.0.E
AMD / AMD EPYC™ Embedded 7002EmbRomePI-SP3 1.0.0.D – EmbRomePI-SP3 1.0.0.D
AMD / AMD EPYC™ Embedded 7003EmbMilan PI-SP3 1.0.0.A – EmbMilan PI-SP3 1.0.0.A
AMD / AMD EPYC™ Embedded 8004EmbGenoaPI-SP5 1.0.0.9 – EmbGenoaPI-SP5 1.0.0.9
AMD / AMD EPYC™ Embedded 9004EmbGenoaPI-SP5 1.0.0.9 – EmbGenoaPI-SP5 1.0.0.9
AMD / AMD EPYC™ Embedded 97X4EmbGenoaPI-SP5 1.0.0.9 – EmbGenoaPI-SP5 1.0.0.9
AMD / AMD Instinct™ MI300AMI300PI_SR5 1.0.0.8 – MI300PI_SR5 1.0.0.8
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.E – ComboAM4v2PI 1.2.0.E
AMD / AMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4PI 1.0.0.D – ComboAM4PI 1.0.0.D
AMD / AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ GraphicsPicassoPI-FP5 1.0.1.2b – PicassoPI-FP5 1.0.1.2b
AMD / AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.E – ComboAM4v2PI 1.2.0.E
AMD / AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Eb – RenoirPI-FP6 1.0.0.Eb
AMD / AMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.E – ComboAM4v2PI 1.2.0.E
AMD / AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsComboAM4v2PI 1.2.0.E – ComboAM4v2PI 1.2.0.E
AMD / AMD Ryzen™ 5000 Series Processors with Radeon™ GraphicsCezannePI-FP6 1.0.1.1b – CezannePI-FP6 1.0.1.1b
AMD / AMD Ryzen™ 6000 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Bb – RembrandtPI-FP7 1.0.0.Bb
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.a – ComboAM5PI 1.0.0.a
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.2.0.3 – ComboAM5PI 1.2.0.3
AMD / AMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.1.0.3c – ComboAM5PI 1.1.0.3c
AMD / AMD Ryzen™ 7000 Series Processors with Radeon™ GraphicsCezannePI-FP6 1.0.1.1b – CezannePI-FP6 1.0.1.1b
AMD / AMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6 1.0.0.7b – MendocinoPI-FT6 1.0.0.7b
AMD / AMD Ryzen™ 7035 Series Processor with Radeon™ GraphicsRembrandtPI-FP7 1.0.0.Bb – RembrandtPI-FP7 1.0.0.Bb
AMD / AMD Ryzen™ 7040 Series Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.2.0.0 – PhoenixPI-FP8-FP7 1.2.0.0
AMD / AMD Ryzen™ 7045 Series Mobile ProcessorsDragonRangeFL1 1.0.0.3g – DragonRangeFL1 1.0.0.3g
AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5PI 1.1.0.3c – ComboAM5PI 1.1.0.3c
AMD / AMD Ryzen™ 8000 Series Processor with Radeon™ GraphicsComboAM5PI 1.2.0.3 – ComboAM5PI 1.2.0.3
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7 1.2.0.0 – PhoenixPI-FP8-FP7 1.2.0.0
AMD / AMD Ryzen™ 9000HX Series Mobile ProcessorsFireRangeFL1PI 1.0.0.0a – FireRangeFL1PI 1.0.0.0a
AMD / AMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3c – ComboAM5PI 1.2.0.3c
AMD / AMD Ryzen™ AI 300 SeriesStrixKrakenPI-FP8_1.1.0.0b – StrixKrakenPI-FP8_1.1.0.0b
AMD / AMD Ryzen™ AI Max +StrixHaloPI-FP11_1.0.0.1 – StrixHaloPI-FP11_1.0.0.1
AMD / AMD Ryzen™ Embedded 5000EmbAM4PI 1.0.0.7 – EmbAM4PI 1.0.0.7
AMD / AMD Ryzen™ Embedded 7000EmbeddedAM5PI 1.0.0.3 – EmbeddedAM5PI 1.0.0.3
AMD / AMD Ryzen™ Embedded R1000EmbeddedPI-FP5 1.2.0.F – EmbeddedPI-FP5 1.2.0.F
AMD / AMD Ryzen™ Embedded R2000EmbeddedR2KPI 1.0.0.5 – EmbeddedR2KPI 1.0.0.5
AMD / AMD Ryzen™ Embedded V1000EmbeddedPI-FP5 1.2.0.F – EmbeddedPI-FP5 1.2.0.F
AMD / AMD Ryzen™Embedded V2000EmbeddedPI-FP6 1.0.0.B – EmbeddedPI-FP6 1.0.0.B
AMD / AMD Ryzen™Embedded V3000EmbeddedPI-FP7R2 1.0.0.C – EmbeddedPI-FP7R2 1.0.0.C
AMD / AMD Ryzen™ Threadripper™ 3000 Series ProcessorsCastlePeakPI-SP3r3 1.0.0.E – CastlePeakPI-SP3r3 1.0.0.E
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series ProcessorsChagallWSPI-sWRX8 1.0.0.B – ChagallWSPI-sWRX8 1.0.0.B
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series ProcessorsCastlePeakWSPI-sWRX8 1.0.0.g – CastlePeakWSPI-sWRX8 1.0.0.g
AMD / AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop ProcessorsChagallWSPI-sWRX8 1.0.0.B – ChagallWSPI-sWRX8 1.0.0.B
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1k – StormPeakPI-SP6 1.0.0.1k
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.1.0.0i – StormPeakPI-SP6 1.1.0.0i

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html