Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for ryzen_7_pro_7840hs_firmware by amd

    CVE-2023-20579 (GCVE-0-2023-20579)

    Vulnerability from nvd – Published: 2024-02-13 19:32 – Updated: 2025-03-14 17:21
    VLAI
    Summary
    Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processor Affected: Various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    Date Public
    2024-02-13 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-14T15:53:23.792810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-14T17:21:09.724Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.910Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processor ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-02-13T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:32:11.904Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7009",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20579",
        "datePublished": "2024-02-13T19:32:11.904Z",
        "dateReserved": "2022-10-27T18:53:39.757Z",
        "dateUpdated": "2025-03-14T17:21:09.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4969 (GCVE-0-2023-4969)

    Vulnerability from nvd – Published: 2024-01-16 17:01 – Updated: 2025-06-20 17:10
    VLAI
    Title
    GPU kernel implementations susceptible to memory leak
    Summary
    A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Khronos Group OpenCL Affected: 3.0.11 , ≤ 3.0.11 (custom)
    Create a notification for this product.
    Khronos Group Vulkan Affected: 1.3.224 , ≤ 1.3.224 (custom)
    Create a notification for this product.
    Credits
    Trail of Bits
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:44:53.327Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/446598"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.trailofbits.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/446598"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4969",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:52:39.700257Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-20T17:10:16.313Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenCL",
              "vendor": "Khronos Group",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.11",
                  "status": "affected",
                  "version": "3.0.11",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Vulkan",
              "vendor": "Khronos Group",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.224",
                  "status": "affected",
                  "version": "1.3.224",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Trail of Bits"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-16T17:05:06.604Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
            },
            {
              "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
            },
            {
              "url": "https://kb.cert.org/vuls/id/446598"
            },
            {
              "url": "https://blog.trailofbits.com"
            },
            {
              "url": "https://www.kb.cert.org/vuls/id/446598"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "GPU kernel implementations susceptible to memory leak",
          "x_generator": {
            "engine": "VINCE 2.1.9",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-4969"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2023-4969",
        "datePublished": "2024-01-16T17:01:29.598Z",
        "dateReserved": "2023-09-14T17:07:51.604Z",
        "dateUpdated": "2025-06-20T17:10:16.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20596 (GCVE-0-2023-20596)

    Vulnerability from nvd – Published: 2023-11-14 18:55 – Updated: 2024-08-02 09:05
    VLAI

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.288Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics Formerly codenamed \u201cCezanne\u201d AM4",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series  Desktop Processors  with Radeon\u2122 Graphics Formerly codenamed \u201cRaphael\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors with Radeon\u2122 Graphics Formerly codenamed \u201cRaphael\u201d X3D",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics Formerly codenamed \u201cPhoenix\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T18:55:14.665Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7011",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20596",
        "datePublished": "2023-11-14T18:55:14.665Z",
        "dateReserved": "2022-10-27T18:53:39.763Z",
        "dateUpdated": "2024-08-02T09:05:36.288Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20571 (GCVE-0-2023-20571)

    Vulnerability from nvd – Published: 2023-11-14 18:55 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
    Severity
    No CVSS data available.
    Assigner
    AMD
    References
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.850Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T18:55:02.307Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20571",
        "datePublished": "2023-11-14T18:55:02.307Z",
        "dateReserved": "2022-10-27T18:53:39.755Z",
        "dateUpdated": "2024-08-02T09:05:45.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20565 (GCVE-0-2023-20565)

    Vulnerability from nvd – Published: 2023-11-14 18:54 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    Assigner
    AMD
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.856Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:27:26.573Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20565",
        "datePublished": "2023-11-14T18:54:51.738Z",
        "dateReserved": "2022-10-27T18:53:39.752Z",
        "dateUpdated": "2024-08-02T09:05:45.856Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20563 (GCVE-0-2023-20563)

    Vulnerability from nvd – Published: 2023-11-14 18:54 – Updated: 2024-10-22 13:44
    VLAI
    Summary
    Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Desktop Processors “Raphael” XD3 Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt" Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R” Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics “Phoenix” FP7/FP7r2/FP8 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Affected: various
    Create a notification for this product.
    amd ryzen_5000_series_desktop_processors_with_radeon_graphics Affected: ComboAM4V2 1.2.0.B *(2023-08-25)
        cpe:2.3:h:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7000_series_desktop_processors Affected: ComboAM5 1.0.7.0 (2023-04-18)
        cpe:2.3:h:amd:ryzen_7000_series_desktop_processors:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5000_series_mobile_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_6000_series_processors_with_radeon_graphics Affected: RembrandtPI-FP7 1.0.0.9 (2023-05-16)
        cpe:2.3:h:amd:ryzen_6000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7035_series_processors_with_radeon_graphics Affected: RembrandtPI-FP7 1.0.0.9 (2023-05-16)
        cpe:2.3:h:amd:ryzen_7035_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5000_series_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_5000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7030_series_mobile_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_7030_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7040_series_mobile_processors_with_radeon_graphics Affected: PhoenixPI-FP8-FP7 PI 1.0.0.1g (2023-05-11)
        cpe:2.3:h:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_r1000 Affected: EmbeddedPI-FP5 1.2.0.A (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_r2000 Affected: EmbeddedPI-FP5 1.0.0.2 (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_5000 Affected: EmbAM4PI 1.0.0.3 (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_v3000 Affected: EmbeddedPI-FP7r2 1.0.0.6 (2023-09-15)
        cpe:2.3:h:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_desktop_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ComboAM4V2 1.2.0.B *(2023-08-25)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7000_series_desktop_processors:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7000_series_desktop_processors",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ComboAM5 1.0.7.0 (2023-04-18)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_6000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_6000_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "RembrandtPI-FP7 1.0.0.9 (2023-05-16)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7035_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7035_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "RembrandtPI-FP7 1.0.0.9 (2023-05-16)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7030_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7030_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7040_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "PhoenixPI-FP8-FP7 PI 1.0.0.1g (2023-05-11)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_r1000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP5 1.2.0.A (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_r2000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP5 1.0.0.2 (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_5000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbAM4PI 1.0.0.3 (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_v3000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP7r2 1.0.0.6 (2023-09-15)"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20563",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:15:29.685693Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T13:44:05.548Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:27:18.318Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20563",
        "datePublished": "2023-11-14T18:54:41.308Z",
        "dateReserved": "2022-10-27T18:53:39.747Z",
        "dateUpdated": "2024-10-22T13:44:05.548Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20569 (GCVE-0-2023-20569)

    Vulnerability from nvd – Published: 2023-08-08 17:02 – Updated: 2024-09-23 03:18
    VLAI
    Summary
    A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
    Severity
    No CVSS data available.
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics Affected: various
    Create a notification for this product.
    AMD Athlon™ 3000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 4000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    Ryzen™ PRO 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 2000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 6000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD 1st Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 2nd Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 3rd Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 4th Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    Date Public
    2023-08-08 16:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-09-23T03:18:32.598Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://xenbits.xen.org/xsa/advisory-434.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://comsec.ethz.ch/research/microarch/inception/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5475"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240605-0006/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 5000 Series Desktop Processors",
              "vendor": " ",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 Threadripper\u2122 2000 Series Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 Threadripper\u2122 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 6000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": " 1st Gen AMD EPYC\u2122 Processors",
              "vendor": "AMD ",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "2nd Gen AMD EPYC\u2122 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "3rd Gen AMD EPYC\u2122  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "4th Gen AMD EPYC\u2122  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T16:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA side channel vulnerability on some \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAMD CPUs may allow an attacker to influence \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ereturn address prediction\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. This may\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e result in speculative execution at an attacker-controlled\u202f\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eaddress\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, potentially leading to information disclosure.\u003c/span\u003e\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
                }
              ],
              "value": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T17:02:11.318Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
            },
            {
              "url": "http://xenbits.xen.org/xsa/advisory-434.html"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4"
            },
            {
              "url": "https://comsec.ethz.ch/research/microarch/inception/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5475"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240605-0006/"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7005",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20569",
        "datePublished": "2023-08-08T17:02:11.318Z",
        "dateReserved": "2022-10-27T18:53:39.754Z",
        "dateUpdated": "2024-09-23T03:18:32.598Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20579 (GCVE-0-2023-20579)

    Vulnerability from cvelistv5 – Published: 2024-02-13 19:32 – Updated: 2025-03-14 17:21
    VLAI
    Summary
    Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processor Affected: Various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    Date Public
    2024-02-13 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-14T15:53:23.792810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-14T17:21:09.724Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.910Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processor ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Mobile Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-02-13T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:32:11.904Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7009",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20579",
        "datePublished": "2024-02-13T19:32:11.904Z",
        "dateReserved": "2022-10-27T18:53:39.757Z",
        "dateUpdated": "2025-03-14T17:21:09.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-4969 (GCVE-0-2023-4969)

    Vulnerability from cvelistv5 – Published: 2024-01-16 17:01 – Updated: 2025-06-20 17:10
    VLAI
    Title
    GPU kernel implementations susceptible to memory leak
    Summary
    A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Khronos Group OpenCL Affected: 3.0.11 , ≤ 3.0.11 (custom)
    Create a notification for this product.
    Khronos Group Vulkan Affected: 1.3.224 , ≤ 1.3.224 (custom)
    Create a notification for this product.
    Credits
    Trail of Bits
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:44:53.327Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/446598"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.trailofbits.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/446598"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4969",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:52:39.700257Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-20T17:10:16.313Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenCL",
              "vendor": "Khronos Group",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.11",
                  "status": "affected",
                  "version": "3.0.11",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Vulkan",
              "vendor": "Khronos Group",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.224",
                  "status": "affected",
                  "version": "1.3.224",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Trail of Bits"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-16T17:05:06.604Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
            },
            {
              "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
            },
            {
              "url": "https://kb.cert.org/vuls/id/446598"
            },
            {
              "url": "https://blog.trailofbits.com"
            },
            {
              "url": "https://www.kb.cert.org/vuls/id/446598"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "GPU kernel implementations susceptible to memory leak",
          "x_generator": {
            "engine": "VINCE 2.1.9",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-4969"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2023-4969",
        "datePublished": "2024-01-16T17:01:29.598Z",
        "dateReserved": "2023-09-14T17:07:51.604Z",
        "dateUpdated": "2025-06-20T17:10:16.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20596 (GCVE-0-2023-20596)

    Vulnerability from cvelistv5 – Published: 2023-11-14 18:55 – Updated: 2024-08-02 09:05
    VLAI

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.288Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics Formerly codenamed \u201cCezanne\u201d AM4",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series  Desktop Processors  with Radeon\u2122 Graphics Formerly codenamed \u201cRaphael\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors with Radeon\u2122 Graphics Formerly codenamed \u201cRaphael\u201d X3D",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics Formerly codenamed \u201cPhoenix\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T18:55:14.665Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7011",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20596",
        "datePublished": "2023-11-14T18:55:14.665Z",
        "dateReserved": "2022-10-27T18:53:39.763Z",
        "dateUpdated": "2024-08-02T09:05:36.288Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20571 (GCVE-0-2023-20571)

    Vulnerability from cvelistv5 – Published: 2023-11-14 18:55 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
    Severity
    No CVSS data available.
    Assigner
    AMD
    References
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.850Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T18:55:02.307Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20571",
        "datePublished": "2023-11-14T18:55:02.307Z",
        "dateReserved": "2022-10-27T18:53:39.755Z",
        "dateUpdated": "2024-08-02T09:05:45.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20565 (GCVE-0-2023-20565)

    Vulnerability from cvelistv5 – Published: 2023-11-14 18:54 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    Assigner
    AMD
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.856Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:27:26.573Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20565",
        "datePublished": "2023-11-14T18:54:51.738Z",
        "dateReserved": "2022-10-27T18:53:39.752Z",
        "dateUpdated": "2024-08-02T09:05:45.856Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20563 (GCVE-0-2023-20563)

    Vulnerability from cvelistv5 – Published: 2023-11-14 18:54 – Updated: 2024-10-22 13:44
    VLAI
    Summary
    Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Desktop Processors “Raphael” XD3 Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt" Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo” Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R” Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics “Phoenix” FP7/FP7r2/FP8 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Affected: various
    Create a notification for this product.
    amd ryzen_5000_series_desktop_processors_with_radeon_graphics Affected: ComboAM4V2 1.2.0.B *(2023-08-25)
        cpe:2.3:h:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7000_series_desktop_processors Affected: ComboAM5 1.0.7.0 (2023-04-18)
        cpe:2.3:h:amd:ryzen_7000_series_desktop_processors:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5000_series_mobile_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_6000_series_processors_with_radeon_graphics Affected: RembrandtPI-FP7 1.0.0.9 (2023-05-16)
        cpe:2.3:h:amd:ryzen_6000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7035_series_processors_with_radeon_graphics Affected: RembrandtPI-FP7 1.0.0.9 (2023-05-16)
        cpe:2.3:h:amd:ryzen_7035_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5000_series_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_5000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7030_series_mobile_processors_with_radeon_graphics Affected: CezannePI-FP6 1.0.0.F (2023-06-20)
        cpe:2.3:h:amd:ryzen_7030_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7040_series_mobile_processors_with_radeon_graphics Affected: PhoenixPI-FP8-FP7 PI 1.0.0.1g (2023-05-11)
        cpe:2.3:h:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_r1000 Affected: EmbeddedPI-FP5 1.2.0.A (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_r2000 Affected: EmbeddedPI-FP5 1.0.0.2 (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_5000 Affected: EmbAM4PI 1.0.0.3 (2023-07-31)
        cpe:2.3:h:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_embedded_v3000 Affected: EmbeddedPI-FP7r2 1.0.0.6 (2023-09-15)
        cpe:2.3:h:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-11-14 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:45.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_desktop_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ComboAM4V2 1.2.0.B *(2023-08-25)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7000_series_desktop_processors:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7000_series_desktop_processors",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ComboAM5 1.0.7.0 (2023-04-18)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_6000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_6000_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "RembrandtPI-FP7 1.0.0.9 (2023-05-16)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7035_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7035_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "RembrandtPI-FP7 1.0.0.9 (2023-05-16)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_5000_series_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_5000_series_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7030_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7030_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "CezannePI-FP6 1.0.0.F (2023-06-20)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_7040_series_mobile_processors_with_radeon_graphics",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "PhoenixPI-FP8-FP7 PI 1.0.0.1g (2023-05-11)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_r1000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP5 1.2.0.A (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_r2000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP5 1.0.0.2 (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_5000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbAM4PI 1.0.0.3 (2023-07-31)"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen_embedded_v3000",
                "vendor": "amd",
                "versions": [
                  {
                    "status": "affected",
                    "version": "EmbeddedPI-FP7r2 1.0.0.6 (2023-09-15)"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20563",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-15T17:15:29.685693Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T13:44:05.548Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics  \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Desktop Processors \u201cRaphael\u201d XD3",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics \"Rembrandt\"",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics \u201cRembrandt-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics  \u201cBarcelo\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics \u201cBarcelo-R\u201d",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "PI",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics \u201cPhoenix\u201d FP7/FP7r2/FP8",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122  Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-11-14T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-13T19:27:18.318Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20563",
        "datePublished": "2023-11-14T18:54:41.308Z",
        "dateReserved": "2022-10-27T18:53:39.747Z",
        "dateUpdated": "2024-10-22T13:44:05.548Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20569 (GCVE-0-2023-20569)

    Vulnerability from cvelistv5 – Published: 2023-08-08 17:02 – Updated: 2024-09-23 03:18
    VLAI
    Summary
    A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
    Severity
    No CVSS data available.
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics Affected: various
    Create a notification for this product.
    AMD Athlon™ 3000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 4000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    Ryzen™ PRO 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 2000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ PRO 6000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Processors Affected: various
    Create a notification for this product.
    AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD 1st Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 2nd Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 3rd Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    AMD 4th Gen AMD EPYC™ Processors Affected: various
    Create a notification for this product.
    Date Public
    2023-08-08 16:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-09-23T03:18:32.598Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://xenbits.xen.org/xsa/advisory-434.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://comsec.ethz.ch/research/microarch/inception/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5475"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240605-0006/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 5000 Series Desktop Processors",
              "vendor": " ",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 Threadripper\u2122 2000 Series Processors ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": " Ryzen\u2122 Threadripper\u2122 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 6000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": " 1st Gen AMD EPYC\u2122 Processors",
              "vendor": "AMD ",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "2nd Gen AMD EPYC\u2122 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "3rd Gen AMD EPYC\u2122  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "4th Gen AMD EPYC\u2122  Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T16:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA side channel vulnerability on some \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAMD CPUs may allow an attacker to influence \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ereturn address prediction\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. This may\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e result in speculative execution at an attacker-controlled\u202f\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eaddress\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, potentially leading to information disclosure.\u003c/span\u003e\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
                }
              ],
              "value": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T17:02:11.318Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
            },
            {
              "url": "http://xenbits.xen.org/xsa/advisory-434.html"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4"
            },
            {
              "url": "https://comsec.ethz.ch/research/microarch/inception/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5475"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240605-0006/"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7005",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20569",
        "datePublished": "2023-08-08T17:02:11.318Z",
        "dateReserved": "2022-10-27T18:53:39.754Z",
        "dateUpdated": "2024-09-23T03:18:32.598Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }