A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

CPENameOperatorVersion
amd:ryzen_3_5100_firmwareamd ryzen 3 5100 firmwareltcomboam4v2_1.2.0.b
amd:ryzen_3_5100_firmwareamd ryzen 3 5100 firmwareeq-

CPE	Name	Operator	Version
amd:ryzen_3_5100_firmware	amd ryzen 3 5100 firmware	lt	comboam4v2_1.2.0.b
amd:ryzen_3_5100_firmware	amd ryzen 3 5100 firmware	eq	-

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002

cvelist 3

prion 3

redhatcve 3

oraclelinux 5

cisa 1

xen 1

exploitpack 1

photon 2

nessus 78

debiancve 2

huawei 2

openvas 46

packetstorm 1

veracode 1

cert 1

cve 2

mscve 1

ubuntucve 2

zdt 2

threatpost 1

freebsd 1

redhat 12

metasploit 1

symantec 1

qualysblog 1

f5 2

osv 4

freebsd_advisory 1

amd 2

exploitdb 2

mskb 1

hp 1

debian 4

suse 1

ubuntu 2

virtuozzo 1

apple 2

cloudfoundry 1

citrix 1

cvelist

CVE-2023-20571

2023-11-14 18:55:02

CVE-2018-8897

2018-05-08 18:00:00

CVE-2018-10872

2018-07-10 19:00:00

prion

Race condition

2023-11-14 19:15:00

Privilege escalation

2018-05-08 18:29:00

Code injection

2018-07-10 19:29:00

redhatcve

CVE-2018-8897

2020-04-07 11:35:31

CVE-2018-10872

2018-07-10 15:19:17

CVE-2018-1087

2020-04-08 20:05:13

oraclelinux

kernel security update

2018-09-18 00:00:00

Unbreakable Enterprise kernel security update

2018-05-08 00:00:00

Unbreakable Enterprise kernel security update

2018-05-08 00:00:00

cisa

Debug Exception May Cause Unexpected Behavior

2018-05-08 00:00:00

xen

x86: mishandling of debug exceptions

2018-05-08 16:45:00

exploitpack

Microsoft Windows - POPMOV SS Privilege Escalation

2018-05-22 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A

2018-05-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0037-A

2018-04-24 00:00:00

nessus

Photon OS 1.0: Linux PHSA-2018-1.0-0132-(a)

2019-02-07 00:00:00

F5 Networks BIG-IP : Linux kernel vulnerability (K17403481)

2018-11-02 00:00:00

FreeBSD : FreeBSD -- Mishandling of x86 debug exceptions (521ce804-52fd-11e8-9123-a4badb2f4699)

2018-05-09 00:00:00

debiancve

CVE-2018-8897

2018-05-08 18:29:00

CVE-2018-10872

2018-07-10 19:29:00

huawei

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

2019-09-21 00:00:00

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

2019-09-21 00:00:00

openvas

Huawei Data Communication: Privilege Escalation Vulnerability in Some Huawei Products (huawei-sa-20181010-01-debug)

2020-05-26 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1119)

2020-01-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2018:1513-1)

2021-04-19 00:00:00

packetstorm

Microsoft Windows POP/MOV SS Local Privilege Elevation

2018-07-13 00:00:00

veracode

Local Privilege Escalation

2019-01-15 09:21:51

cert

Hardware debug exception documentation may result in unexpected behavior

2018-05-08 00:00:00

cve

CVE-2018-8897

2018-05-08 18:29:00

CVE-2018-10872

2018-07-10 19:29:00

mscve

Windows Kernel Elevation of Privilege Vulnerability

2018-05-08 07:00:00

ubuntucve

CVE-2018-8897

2018-05-08 00:00:00

CVE-2018-10872

2018-07-10 00:00:00

zdt

Microsoft Windows #MicrosoftWindows POP/MOV SS Local Privilege Elevation Exploit

2018-07-13 00:00:00

Microsoft Windows - POP/MOV SS Privilege Escalation Exploit

2018-05-23 00:00:00

threatpost

Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked

2018-05-10 15:37:07

freebsd

FreeBSD -- Mishandling of x86 debug exceptions

2018-05-08 00:00:00

redhat

(RHSA-2018:1353) Moderate: kernel security update

2018-05-08 21:59:19

(RHSA-2018:1352) Moderate: kernel security update

2018-05-08 21:59:05

(RHSA-2018:1351) Moderate: kernel security and bug fix update

2018-05-08 21:14:35

metasploit

Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability

2018-07-13 06:11:37

symantec

Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability

2018-05-08 00:00:00

qualysblog

What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw

2018-05-14 18:47:42

K17403481 : Linux kernel vulnerability CVE-2018-8897

2018-05-15 00:00:00

K05345625 : Linux kernel vulnerability CVE-2018-10872

2020-12-17 00:00:00

osv

CVE-2018-8897

2018-05-08 18:29:00

linux - security update

2018-05-08 00:00:00

xen - security update

2018-05-25 00:00:00

freebsd_advisory

FreeBSD-SA-18:06.debugreg

2018-05-08 00:00:00

amd

AMD Client Vulnerabilities – November 2023

2023-11-14 00:00:00

AMD Embedded Processors Vulnerabilities – February 2024

2024-02-13 00:00:00

exploitdb

Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)

2018-07-13 00:00:00

Microsoft Windows - 'POP/MOV SS' Privilege Escalation

2018-05-22 00:00:00

mskb

Description of the security update for vulnerabilities in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018

2018-05-08 07:00:00

AMD Client UEFI Firmware November 2023 Security Update

2024-01-08 00:00:00

debian

[SECURITY] [DLA 1383-1] xen security update

2018-05-25 11:26:24

[SECURITY] [DSA 4196-1] linux security update

2018-05-08 21:54:36

[SECURITY] [DSA 4196-1] linux security update

2018-05-08 21:54:56

suse

Security update for the Linux Kernel (important)

2018-05-09 00:07:18

ubuntu

Linux kernel vulnerabilities

2018-05-08 00:00:00

Linux kernel vulnerabilities

2018-05-08 00:00:00

virtuozzo

Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)

2018-05-30 00:00:00

apple

About the security content of Security Update 2018-001

2018-04-24 00:00:00

About the security content of Security Update 2018-001 - Apple Support

2018-05-08 05:03:32

cloudfoundry

USN-3641-1: Linux kernel vulnerabilities | Cloud Foundry

2018-06-05 00:00:00

citrix

Citrix XenServer Multiple Security Updates

2018-05-08 04:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

38.5%

JSON

Related for CVE-2023-20571

cvelist3 prion3 redhatcve3 oraclelinux5 cisa1 xen1 exploitpack1 photon2 nessus78 debiancve2 huawei2 openvas46 packetstorm1 veracode1 cert1 cve2 mscve1 ubuntucve2 zdt2 threatpost1 freebsd1 redhat12 metasploit1 symantec1 qualysblog1 f52 osv4 freebsd_advisory1 amd2 exploitdb2 mskb1 hp1 debian4 suse1 ubuntu2 virtuozzo1 apple2 cloudfoundry1 citrix1