CVE-2022-23815

HIGH

APCB Firmware - Memory Corruption

Title source: llm

Description

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

References (1)

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

Scores

CVSS v3 7.5

EPSS 0.0008

EPSS Percentile 24.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-787

Status published

Affected Products (16)

amd/athlon_silver_3050u_firmware < picassopi-fp5_1.0.0.e

amd/athlon_gold_3150u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3780u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3750h_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_pro_3700u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3700u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3580u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3550h_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3500u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_3_3300u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_3_3250u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_3_3200u_firmware < picassopi-fp5_1.0.0.e

amd/athlon_gold_pro_3150g_firmware

amd/athlon_gold_3150g_firmware

amd/athlon_gold_pro_3150ge_firmware

... and 1 more

Timeline

Published Aug 13, 2024

Tracked Since Feb 18, 2026