AMD has disclosed 31 vulnerabilities within its processor lines, including Ryzen and EPYC CPUs
AMD It was revealed in the latest January update that Thirty-one new vulnerabilities It is found in its processors covering Ryzen and EPYC CPUs.
AMD hit with 31 new vulnerabilities to start 2023, affecting Ryzen and EPYC CPU lines
The company has created several mitigations to mitigate the exposed processors and also revealed a report from the company in collaboration with teams from three major companies – Apple, Google and Oracle. The company also announced several AGESA variants included in the update (AGESA code found when creating system BIOS and UEFI code).
Due to the nature of the vulnerability, AGESA changes have been handed over to OEMs, and any patch will be up to each vendor to release as soon as possible. It would be wise for consumers to visit the official website of the vendor to see if there is a new update waiting to be downloaded rather than waiting for the company to roll it out later.
AMD processors vulnerable to this new attack include Ryzen desktop models, HEDT, Pro and mobile CPU series. There is one vulnerability that is classified as “high severity”, while another vulnerability is less severe but still important to patch. All exposures are attacked through the BIOS and the ASP bootloader (also known as the AMD Secure Processor bootloader).
The AMD CPU series at risk are:
- Ryzen 2000 (Pinnacle Ridge) series processors
- Ryzen 2000 APUs
- Ryzen 5000 APUs
- AMD Threadripper 2000 HEDT and Pro series server processors
- AMD Threadripper 3000 HEDT and Pro series server processors
- Ryzen 2000 mobile processor series
- Ryzen 3000 Series Mobile Processors
- Ryzen 5000 Series Mobile Processors
- Ryzen 6000 Series Mobile Processors
- Athlon 3000 series mobile processors
28 AMD vulnerabilities affecting EPYC processors have been discovered, with four models designated as “high risk” by the company. The three of the most dangerous can have arbitrary code that can be executed by attack vectors in many areas. Also, one of the three listed has an additional exploit that allows data to be written to specific partitions resulting in data loss. Other research teams found fifteen other vulnerabilities of lesser severity and nine more of minor severity.
Due to the large number of affected processors that have been exploited, the company has elected to disclose this latest list of vulnerabilities that would normally be published in May and November each year and ensure that mitigations are prepared for release. Other vulnerabilities in AMD products include a variant of Hertzbleed, another that works similarly to a Meltdown exploit, and another called “Take A Way”.
| CVE | Danger | CVE description |
| CVE‑2021‑26316 | high | Failure to validate the connection buffer and connection service in the BIOS could allow attackers to tamper with the buffer resulting in potentially arbitrary SMM (System Management Mode) code execution. |
| CVE‑2021‑26346 | middle | Failure to validate an integer parameter in an ASP (AMD Secure Processor) bootloader could allow an attacker to introduce an integer override in the SPI flash’s L2 directory table resulting in a possible denial of service. |
| CVE‑2021‑46795 | Little | A vulnerability exists in TOCTOU (Time to Use Check Time) where an attacker could use a compromised BIOS to make TEE OS read memory out of bounds which could result in a denial of service. |
desktop
| CVE | AMD Ryzen™ 2000 series desktop processors “Raven Ridge” AM4 |
AMD Ryzen™ 2000 Series Desktop Processors Pinnacle Ridge |
AMD Ryzen™ 3000 Series Desktop Processors Matisse AM4 |
AMD Ryzen™ 5000 Series Desktop Processors Vermeer AM4 |
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Cezanne AM4 |
| Minimal version to mitigate all forms of violent extremism listed | Raven-FP5-AM4 1.1.0.D AM4PI Combo 1.0.0.8 ComboAM4v2 PI 1.2.0.4 Pinnacle PI-AM4 1.0.0.C |
Pinnacle PI-AM4 1.0.0.C AM4PI Combo 1.0.0.8 ComboAM4v2 PI 1.2.0.4 |
Unavailable | Unavailable | ComboAM4v2 PI 1.2.0.8 |
| CVE‑2021‑26316 | Raven-FP5-AM4 1.1.0.D AM4PI Combo 1.0.0.8 ComboAM4v2 PI 1.2.0.4 Pinnacle PI-AM4 1.0.0.C |
Pinnacle PI-AM4 1.0.0.C AM4PI Combo 1.0.0.8 ComboAM4v2 PI 1.2.0.4 |
Unavailable | Unavailable | ComboAM4v2 PI 1.2.0.4 |
| CVE‑2021‑26346 | Unavailable | Unavailable | Unavailable | Unavailable | ComboAM4v2 PI 1.2.0.8 |
| CVE‑2021‑46795 | Unavailable | Unavailable | Unavailable | Unavailable | ComboAM4v2 PI 1.2.0.5 |
High quality desktop
| CVE | 2nd generation AMD Ryzen™ Threadripper™ processors Colfax |
3rd generation AMD Ryzen™ Threadripper™ processors “Castle Peak” HEDT |
| Minimal version to mitigate all forms of violent extremism listed | SummitPI-SP3r2 1.1.0.5 | CastlePeakPI-SP3r3 1.0.0.6 |
| CVE‑2021‑26316 | SummitPI-SP3r2 1.1.0.5 | CastlePeakPI-SP3r3 1.0.0.6 |
| CVE‑2021‑26346 | Unavailable | Unavailable |
| CVE‑2021‑46795 | Unavailable | Unavailable |
Workstation
| CVE | AMD Ryzen ™ Threadripper ™ PRO processors “Castle Peak” WS |
AMD Ryzen ™ Threadripper ™ PRO processors Chagall W.S |
| Minimal version to mitigate all forms of violent extremism listed | CastlePeakWSPI-sWRX8 1.0.0.7 0.0.9.0 Chagall WSPI-sWRX8 |
Unavailable |
| CVE‑2021‑26316 | CastlePeakWSPI-sWRX8 1.0.0.7 0.0.9.0 Chagall WSPI-sWRX8 |
Unavailable |
| CVE‑2021‑26346 | Unavailable | Unavailable |
| CVE‑2021‑46795 | Unavailable | Unavailable |
Mobile – AMD Athlon series
| CVE | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics ULP “DALI” / “DALI” |
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Pollock |
| Minimal version to mitigate all forms of violent extremism listed | PicassoPI-FP5 1.0.0.D | Pollock PI-FT5 1.0.0.3 |
| CVE‑2021‑26316 | PicassoPI-FP5 1.0.0.D | Pollock PI-FT5 1.0.0.3 |
| CVE‑2021‑26346 | Unavailable | Unavailable |
| CVE‑2021‑46795 | Unavailable | Unavailable |
Mobile – AMD Ryzen series
| CVE | AMD Ryzen™ 2000 Mobile Processor Series Raven Ridge FP5 |
AMD Ryzen™ 3000 Series Mobile Processors, 2nd Generation AMD Ryzen™ Mobile Processors with Radeon™ Graphics “artist” |
AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Renoir FP6 |
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Lucien |
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Cezanne |
AMD Ryzen™ 6000 Mobile Processor Series Rembrandt |
| Minimal version to mitigate all forms of violent extremism listed | Unavailable | PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8 |
CezannePI-FP6 1.0.0.B | CezannePI-FP6 1.0.0.B | Unavailable |
| CVE‑2021‑26316 | Unavailable | PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.4 | Cezanne PI-FP6 1.0.0.6 | Cezanne PI-FP6 1.0.0.6 | Unavailable |
| CVE‑2021‑26346 | Unavailable | Unavailable | RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8 |
CezannePI-FP6 1.0.0.B | CezannePI-FP6 1.0.0.B | Unavailable |
| CVE‑2021‑46795 | Unavailable | Unavailable | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.5 | Cezanne PI-FP6 1.0.0.6 | Cezanne PI-FP6 1.0.0.6 | Unavailable |
News sources: tom devicesAnd AMD Client Vulnerabilities – Jan 2023And AMD Server Vulnerabilities – January 2023