Thirty-one security flaws, including ones affecting Ryzen and EPYC CPUs, were discovered in AMD’s processors, the company stated in its most significant recent January update.
AMD hit with 31 new vulnerabilities to start 2023, affecting Ryzen & EPYC CPU lines
The company has developed various mitigations to protect visible processors. It has also made public a report it collaborated on with team members from three leading corporations: Apple, Google, and Oracle. The business also disclosed several AGESA variants included in the update (AGESA code is present in the system’s BIOS and UEFI code).
Due to the vulnerability’s nature, the AGESA variations have been sent to OEMs. Therefore, any trying to patch will rely heavily on each seller making it available as soon as possible. Instead of waiting for the business to slide out the report soon, users should check the seller’s official website to see whether there is the latest update that can be downloaded.
AMD’s Ryzen desktop processor models, HEDT, Pro, and mobile CPU series are all susceptible to this new attack. One security flaw is classified as having “high severity,” whereas two others would be less serious but still need to be patched. Every security flaw is attacked via the BIOS and ASP bootloader, known as the AMD Secure Processor bootloader.
The following AMD CPU series are weak points:
- Processors from the Ryzen 2000 (Pinnacle Ridge) series
- Ryzen 2k CPUs
- 5000 Ryzen APUs
- Server processor series AMD Threadripper 2000 HEDT and Pro
- series of AMD Threadripper 3000 server processors, HEDT and Pro
- mobile Ryzen 2000 series processors
- mobile Ryzen 3000 series processors
- mobile Ryzen 5000 series processors
- mobile Ryzen 6000 series processors
- mobile Athlon 3000 series processors
28 AMD security breaches affect EPYC processors, four of which the company has rated as having “high severity.” The three considered high severity might contain arbitrary code that may be run via various attack vectors. Additionally, one of the three mentioned has a further exploit that enables writing data to particular sections, resulting in data loss. Other research teams discovered nine security flaws with lower risk and another fifteen with moderate severity.
The company decided to reveal this latest security risk list, typically released in May and November per year, to ensure that mitigation techniques were ready to be removed due to the significant number of vulnerable processors exploited. Other flaws in AMD software include a Hertzbleed variant, another that functions similarly to the Meltdown exploit, and a spot dubbed “Take A Way.”
| CVE | Severity | CVE Description |
| CVE‑2021‑26316 | High | Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. |
| CVE‑2021‑26346 | Medium | Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service. |
| CVE‑2021‑46795 | Low | A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service. |
DESKTOP
| CVE | AMD Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 | AMD Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge” | AMD Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 | AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4 | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” AM4 |
| Minimum version to mitigate all listed CVEs | Raven-FP5-AM4 1.1.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 PinnaclePI-AM4 1.0.0.C | PinnaclePI-AM4 1.0.0.C ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | N/A | N/A | ComboAM4v2 PI 1.2.0.8 |
| CVE‑2021‑26316 | Raven-FP5-AM4 1.1.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 PinnaclePI-AM4 1.0.0.C | PinnaclePI-AM4 1.0.0.C ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | N/A | N/A | ComboAM4v2 PI 1.2.0.4 |
| CVE‑2021‑26346 | N/A | N/A | N/A | N/A | ComboAM4v2 PI 1.2.0.8 |
| CVE‑2021‑46795 | N/A | N/A | N/A | N/A | ComboAM4v2 PI 1.2.0.5 |
HIGH END DESKTOP
| CVE | 2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” | 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT |
| Minimum version to mitigate all listed CVEs | SummitPI-SP3r2 1.1.0.5 | CastlePeakPI-SP3r3 1.0.0.6 |
| CVE‑2021‑26316 | SummitPI-SP3r2 1.1.0.5 | CastlePeakPI-SP3r3 1.0.0.6 |
| CVE‑2021‑26346 | N/A | N/A |
| CVE‑2021‑46795 | N/A | N/A |
WORKSTATION
| CVE | AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS | AMD Ryzen™ Threadripper™ PRO Processors “Chagall” WS |
| Minimum version to mitigate all listed CVEs | CastlePeakWSPI-sWRX8 1.0.0.7 ChagallWSPI-sWRX8 0.0.9.0 | N/A |
| CVE‑2021‑26316 | CastlePeakWSPI-sWRX8 1.0.0.7 ChagallWSPI-sWRX8 0.0.9.0 | N/A |
| CVE‑2021‑26346 | N/A | N/A |
| CVE‑2021‑46795 | N/A | N/A |
MOBILE – AMD Athlon Series
| CVE | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” |
| Minimum version to mitigate all listed CVEs | PicassoPI-FP5 1.0.0.D | PollockPI-FT5 1.0.0.3 |
| CVE‑2021‑26316 | PicassoPI-FP5 1.0.0.D | PollockPI-FT5 1.0.0.3 |
| CVE‑2021‑26346 | N/A | N/A |
| CVE‑2021‑46795 | N/A | N/A |
MOBILE – AMD Ryzen Series
| CVE | AMD Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | AMD Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6 | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne” | AMD Ryzen™ 6000 Series Mobile Processors “Rembrandt” |
| Minimum version to mitigate all listed CVEs | N/A | PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8 | CezannePI-FP6 1.0.0.B | CezannePI-FP6 1.0.0.B | N/A |
| CVE‑2021‑26316 | N/A | PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.4 | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.4 | CezannePI-FP6 1.0.0.6 | CezannePI-FP6 1.0.0.6 | N/A |
| CVE‑2021‑26346 | N/A | N/A | RenoirPI-FP6 1.0.0.9 ComboAM4v2 PI 1.2.0.8 | CezannePI-FP6 1.0.0.B | CezannePI-FP6 1.0.0.B | N/A |
| CVE‑2021‑46795 | N/A | N/A | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.5 | CezannePI-FP6 1.0.0.6 | CezannePI-FP6 1.0.0.6 | N/A |
News Source: wccftech.com
