CVE-2023-20571
8.1
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 / Impact: 5.9
Source: NVD
Description
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Affected (71)
Products: Amd: Ryzen 3 5100 Firmware, Ryzen 3 5300g Firmware, Ryzen 3 5300ge Firmware, Ryzen 5 5500 Firmware, Ryzen 5 5600g Firmware, Ryzen 5 5600ge Firmware, Ryzen 7 5700 Firmware, Ryzen 7 5700g Firmware, Ryzen 7 5700ge Firmware, Ryzen 5 7500f Firmware, Ryzen 5 7600 Firmware, Ryzen 5 7600x Firmware, Ryzen 7 7700 Firmware, Ryzen 7 7700x Firmware, Ryzen 7 7800x3d Firmware, Ryzen 9 7900 Firmware, Ryzen 9 7900x Firmware, Ryzen 9 7900x3d Firmware, Ryzen 9 7950x Firmware, Ryzen 9 7950x3d Firmware, Ryzen Pro 3900 Firmware, Ryzen Pro 7645 Firmware, Ryzen Pro 7745 Firmware, Ryzen Pro 7945 Firmware, Ryzen 3 5125c Firmware, Ryzen 3 5400u Firmware, Ryzen 3 5425u Firmware, Ryzen 5 5500h Firmware, Ryzen 5 5560u Firmware, Ryzen 5 5600h Firmware, Ryzen 5 5600hs Firmware, Ryzen 5 5600u Firmware, Ryzen 5 5625u Firmware, Ryzen 7 5800h Firmware, Ryzen 7 5800hs Firmware, Ryzen 7 5800u Firmware, Ryzen 7 5825u Firmware, Ryzen 9 5900hs Firmware, Ryzen 9 5900hx Firmware, Ryzen 9 5980hs Firmware, Ryzen 9 5980hx Firmware, Ryzen 9 6980hx Firmware, Ryzen 9 6980hs Firmware, Ryzen 9 6900hx Firmware, Ryzen 9 6900hs Firmware, Ryzen 7 6800h Firmware, Ryzen 7 6800hs Firmware, Ryzen 7 6800u Firmware, Ryzen 5 6600h Firmware, Ryzen 5 6600hs Firmware, Ryzen 5 6600u Firmware, Ryzen 7 7735hs Firmware, Ryzen 7 7736u Firmware, Ryzen 7 7735u Firmware, Ryzen 5 7535hs Firmware, Ryzen 5 7535u Firmware, Ryzen 3 7335u Firmware, Ryzen 9 Pro 7940hs Firmware, Ryzen 9 Pro 7940h Firmware, Ryzen 7 Pro 7840hs Firmware, Ryzen 7 Pro 7840h Firmware, Ryzen 7 Pro 7840u Firmware, Ryzen 5 Pro 7640hs Firmware, Ryzen 5 Pro 7640h Firmware, Ryzen 5 Pro 7640u Firmware, Ryzen 5 Pro 7545u Firmware, Ryzen 5 Pro 7540u Firmware, Ryzen 3 Pro 7440u Firmware, Ryzen 5 Pro 7530u Firmware, Ryzen 3 Pro 7330u Firmware, Ryzen 7 Pro 7730u Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5100 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5300g | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5300ge | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5500 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600g | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600ge | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700g | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam4v2_1.2.0.b |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700ge | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 7500f | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 7600 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 7600x | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7700 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7700x | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7800x3d | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 7900 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 7900x | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 7900x3d | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 7950x | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 7950x3d | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen Pro 3900 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen Pro 7645 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen Pro 7745 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before comboam5_1.0.7.0 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen Pro 7945 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5125c | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5400u | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5425u | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5500h | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5560u | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600h | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600hs | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600u | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5625u | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800h | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800hs | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800u | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5825u | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5900hs | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5900hx | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5980hs | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5980hx | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6980hx | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6980hs | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6900hx | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6900hs | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800h | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800hs | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800u | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600h | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600hs | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600u | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7735hs | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7736u | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 7735u | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 7535hs | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 7535u | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before rembrandtpi-fp7_1.0.0.9 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 7335u | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 Pro 7940hs | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 Pro 7940h | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 Pro 7840hs | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 Pro 7840h | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 Pro 7840u | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7640hs | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7640h | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7640u | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7545u | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7540u | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before phoenixpi-fp8-fp7_pi_1.0.0.1g |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 Pro 7440u | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 7530u | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 Pro 7330u | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.f |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 Pro 7730u | All versions |
References (2)
Source: psirt@amd.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.