{"id":186766,"date":"2023-01-14T22:44:01","date_gmt":"2023-01-14T22:44:01","guid":{"rendered":"https:\/\/harchi90.com\/amd-revealed-31-vulnerabilities-within-its-processor-lines-ryzen-epyc-cpus-included\/"},"modified":"2023-01-14T22:44:01","modified_gmt":"2023-01-14T22:44:01","slug":"amd-revealed-31-vulnerabilities-within-its-processor-lines-ryzen-epyc-cpus-included","status":"publish","type":"post","link":"https:\/\/harchi90.com\/amd-revealed-31-vulnerabilities-within-its-processor-lines-ryzen-epyc-cpus-included\/","title":{"rendered":"AMD Revealed 31 Vulnerabilities Within Its Processor Lines, Ryzen & EPYC CPUs Included"},"content":{"rendered":"
\n
AMD revealed in the most recent January update that thirty-one new vulnerabilities were found in its processors, covering Ryzen and EPYC CPUs.<\/p>\n
AMD hit with 31 new vulnerabilities to start 2023, affecting Ryzen & EPYC CPU lines<\/h2>\n
The company has created numerous mitigations for the exposed processors and has also disclosed a report prepared in cooperation with teams from three top companies: Apple, Google, and Oracle. The company also announced several AGESA variants listed in the update (AGESA code is used when building the system’s BIOS and UEFI code).<\/p>\n
Due to the nature of the vulnerabilities, the AGESA changes have been delivered to OEMs, and patching depends on each vendor releasing its update as soon as possible. It would be wise for consumers to visit the vendor’s official website to find out if there is a new update waiting for download rather than waiting for the company to roll it out later.<\/p>\n
<\/figure>\n
AMD processors vulnerable to this new attack include Ryzen models for desktops, HEDT, Pro, and mobile CPU series. There is a single vulnerability labeled as “high severity,” while two others are less extreme but still important to patch. All of these exposures are exploited through the BIOS and the ASP bootloader (also known as the AMD Secure Processor bootloader).<\/p>\n
AMD CPU series that are vulnerable are:<\/p>\n
\n
Ryzen 2000 (Pinnacle Ridge) series processors<\/strong><\/li>\n
Ryzen 2000 APUs<\/strong><\/li>\n
Ryzen 5000 APUs<\/strong><\/li>\n
AMD Threadripper 2000 HEDT and Pro server processor series<\/strong><\/li>\n
AMD Threadripper 3000 HEDT and Pro server processor series<\/strong><\/li>\n
Ryzen 2000 series mobile processors<\/strong><\/li>\n
Ryzen 3000 series mobile processors<\/strong><\/li>\n
Ryzen 5000 series mobile processors<\/strong><\/li>\n
Ryzen 6000 series mobile processors<\/strong><\/li>\n
Athlon 3000 series mobile processors<\/strong><\/li>\n<\/ul>\n
Twenty-eight AMD vulnerabilities have been discovered affecting EPYC processors, with four models labeled with a “high severity” by the company. The three of high severity can allow arbitrary code to be executed through attack vectors in numerous areas. Also, one of the three listed has an additional exploit that permits writing data to specific sections, leading to data loss. Other research teams found another fifteen vulnerabilities with lower severity and nine with minor severity.<\/p>\n
Because of the large number of affected processors, the company chose to disclose this recent vulnerability list, which would typically be published in May and November each year, and to make sure that mitigations were prepared for release. Other vulnerabilities within AMD products include a variant of Hertzbleed, another that acts similarly to the Meltdown exploit, and one called “Take A Way.”<\/p>\n
\n\n
\n
CVE<\/strong><\/td>\n
Severity<\/strong><\/td>\n
CVE Description<\/strong><\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126316<\/td>\n
high<\/td>\n
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126346<\/td>\n
medium<\/td>\n
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201146795<\/td>\n
low<\/td>\n
A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
DESKTOP<\/strong><\/p>\n
\n\n
\n
CVE<\/strong><\/td>\n
AMD Ryzen\u2122 2000 series Desktop Processors \u201cRaven Ridge\u201d AM4<\/strong><\/td>\n
AMD Ryzen\u2122 2000 Series Desktop Processors \u201cPinnacle Ridge\u201d<\/strong><\/td>\n
AMD Ryzen\u2122 3000 Series Desktop Processors \u201cMatisse\u201d AM4<\/strong><\/td>\n
AMD Ryzen\u2122 5000 Series Desktop Processors \u201cVermeer\u201d AM4<\/strong><\/td>\n
AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics \u201cCezanne\u201d AM4<\/strong><\/td>\n<\/tr>\n
\n
Minimum version to mitigate all listed CVEs<\/strong><\/td>\n
Raven-FP5-AM4 1.1.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 PinnaclePI-AM4 1.0.0.C<\/strong><\/td>\n
PinnaclePI-AM4 1.0.0.C ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4<\/strong><\/td>\n
N\/A<\/strong><\/td>\n
N\/A<\/strong><\/td>\n
ComboAM4v2 PI 1.2.0.8<\/strong><\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126316<\/td>\n
Raven-FP5-AM4 1.1.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 PinnaclePI-AM4 1.0.0.C<\/td>\n
PinnaclePI-AM4 1.0.0.C ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
ComboAM4v2 PI 1.2.0.4<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126346<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
ComboAM4v2 PI 1.2.0.8<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201146795<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
ComboAM4v2 PI 1.2.0.5<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
HIGH END DESKTOP<\/strong><\/p>\n
\n\n
\n
CVE<\/strong><\/td>\n
2nd Gen AMD Ryzen\u2122 Threadripper\u2122 Processors \u201cColfax\u201d<\/strong><\/td>\n
3rd Gen AMD Ryzen\u2122 Threadripper\u2122 Processors \u201cCastle Peak\u201d HEDT<\/strong><\/td>\n<\/tr>\n
\n
Minimum version to mitigate all listed CVEs<\/strong><\/td>\n
AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics \u201cDali\u201d\/\u201dDali\u201d ULP<\/strong><\/td>\n
AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics \u201cPollock\u201d<\/strong><\/td>\n<\/tr>\n
\n
Minimum version to mitigate all listed CVEs<\/strong><\/td>\n
PicassoPI-FP5 1.0.0.D<\/td>\n
PollockPI-FT5 1.0.0.3<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126316<\/td>\n
PicassoPI-FP5 1.0.0.D<\/td>\n
PollockPI-FT5 1.0.0.3<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126346<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201146795<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
MOBILE – AMD Ryzen Series<\/strong><\/p>\n
\n\n
\n
CVE<\/strong><\/td>\n
AMD Ryzen\u2122 2000 Series Mobile Processors \u201cRaven Ridge\u201d FP5<\/strong><\/td>\n
AMD Ryzen\u2122 3000 Series Mobile processor, 2nd Gen AMD Ryzen\u2122 Mobile Processors with Radeon\u2122 Graphics \u201cPicasso\u201d<\/strong><\/td>\n
AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics \u201cRenoir\u201d FP6<\/strong><\/td>\n
AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cLucienne\u201d<\/strong><\/td>\n
AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics \u201cCezanne\u201d<\/strong><\/td>\n
AMD Ryzen\u2122 6000 Series Mobile Processors “Rembrandt”<\/strong><\/td>\n<\/tr>\n
\n
Minimum version to mitigate all listed CVEs<\/strong><\/td>\n
N\/A<\/strong><\/td>\n
PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4<\/strong><\/td>\n
RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8<\/strong><\/td>\n
CezannePI-FP6 1.0.0.B<\/strong><\/td>\n
CezannePI-FP6 1.0.0.B<\/strong><\/td>\n
N\/A<\/strong><\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126316<\/td>\n
N\/A<\/td>\n
PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4<\/td>\n
RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.4<\/td>\n
CezannePI-FP6 1.0.0.6<\/td>\n
CezannePI-FP6 1.0.0.6<\/td>\n
N\/A<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201126346<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8<\/td>\n
CezannePI-FP6 1.0.0.B<\/td>\n
CezannePI-FP6 1.0.0.B<\/td>\n
N\/A<\/td>\n<\/tr>\n
\n
CVE\u20112021\u201146795<\/td>\n
N\/A<\/td>\n
N\/A<\/td>\n
RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.5<\/td>\n
CezannePI-FP6 1.0.0.6<\/td>\n
CezannePI-FP6 1.0.0.6<\/td>\n
N\/A<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
News Sources: Tom’s Hardware, AMD Client Vulnerabilities \u2013 January 2023, AMD Server Vulnerabilities \u2013 January 2023<\/p>\n