CVE-2022-23817
CVE-2022-23817
Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
AMD · AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Instinct™ MI210AMD · AMD Instinct™ MI250AMD · AMD Radeon™ PRO W5000 Series Graphics ProductsAMD · AMD Radeon™ PRO W6000 Series Graphics ProductsAMD · AMD Radeon™ RX 5000 Series Graphics ProductsAMD · AMD Radeon™ RX 6000 Series Graphics ProductsAMD · AMD Ryzen™ 2000 Mobile ProcessorsAMD · AMD Ryzen™ 3000 Series Desktop ProcessorsAMD · AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 4000 Series Desktop ProcessorsAMD · AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Desktop ProcessorsAMD · AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsAMD · AMD Ryzen™ Embedded 5000 Series ProcessorsAMD · AMD Ryzen™ Embedded R1000 Series ProcessorsAMD · AMD Ryzen™ Embedded R2000 Series ProcessorsAMD · AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")AMD · AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")AMD · AMD Ryzen™ Embedded V2000 Series ProcessorAMD · AMD Ryzen™ Embedded V3000 Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsAMD · MI-100AMD · MI-25 / 50Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html