Description
A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027
Scores
CVSS v3
4.4
EPSS
0.0005
EPSS Percentile
16.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Details
Status
published
Products (34)
amd/radeon_software
amd/ryzen_3_3100_firmware
amd/ryzen_3_3300g_firmware
amd/ryzen_3_3300x_firmware
amd/ryzen_3_5125c_firmware
amd/ryzen_3_5400u_firmware
amd/ryzen_3_5425c_firmware
amd/ryzen_3_5425u_firmware
amd/ryzen_5_3400g_firmware
amd/ryzen_5_3450g_firmware
... and 24 more
Published
May 12, 2022
Tracked Since
Feb 18, 2026