CVE-2023-20533

CVSS 6.1 MEDIUMEPSS 0.5%

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H

Productos afectados

AMD · 2nd Gen AMD EPYC™ Processors AMD · 3rd Gen AMD EPYC™ Processors AMD · AMD EPYC™ Embedded 7002 AMD · AMD EPYC™ Embedded 7002 AMD · AMD EPYC™ Embedded 7003 AMD · AMD EPYC™ Embedded 7003 AMD · AMD Ryzen™ 5000 Series Desktop Processors “Vermeer”AMD · AMD Ryzen™ Embedded 5000 AMD · AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT AMD · AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS AMD · AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3 AMD · Ryzen™ 3000 series Desktop Processors “Matisse"

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001