Input validation

2023-11-1419:15:00

PRIOn knowledge base

www.prio-n.com

validation

spi flash

asp

bootloader

attack

memory

availability

integrity

nvd

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.8%

JSON

Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.

CPENameOperatorVersion
ryzen_3_4300u_firmwareeq< renoirpifp61.0.0.a
ryzen_3_5125c_firmwareeq< cezannepifp61.0.0.c
ryzen_3_5300g_firmwareeq< comboam4v2pi1.2.0.8
ryzen_3_5300ge_firmwareeq< comboam4v2pi1.2.0.8
ryzen_3_5300u_firmwareeq< cezannepifp61.0.0.c
ryzen_3_5400u_firmwareeq< cezannepifp61.0.0.c
ryzen_3_5425u_firmwareeq< cezannepifp61.0.0.c
ryzen_3_7335u_firmwareeq< rembrandtpifp71.0.0.5
ryzen_3_pro_7330u_firmwareeq< cezannepifp61.0.0.c
ryzen_5_4500u_firmwareeq< renoirpifp61.0.0.a

Name	Operator	Version
ryzen_3_4300u_firmware	eq	< renoirpifp61.0.0.a
ryzen_3_5125c_firmware	eq	< cezannepifp61.0.0.c
ryzen_3_5300g_firmware	eq	< comboam4v2pi1.2.0.8
ryzen_3_5300ge_firmware	eq	< comboam4v2pi1.2.0.8
ryzen_3_5300u_firmware	eq	< cezannepifp61.0.0.c
ryzen_3_5400u_firmware	eq	< cezannepifp61.0.0.c
ryzen_3_5425u_firmware	eq	< cezannepifp61.0.0.c
ryzen_3_7335u_firmware	eq	< rembrandtpifp71.0.0.5
ryzen_3_pro_7330u_firmware	eq	< cezannepifp61.0.0.c
ryzen_5_4500u_firmware	eq	< renoirpifp61.0.0.a