Input validation

2023-08-0818:15:00

PRIOn knowledge base

www.prio-n.com

input validation

cpmdisplayfeaturesmm

attacker

smm memory corruption

arbitrary code execution

nvd

0.0004 Low

EPSS

Percentile

5.1%

JSON

Insufficient input validation in
CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting
an arbitrary bit in an attacker-controlled pointer potentially leading to
arbitrary code execution in SMM.

CPENameOperatorVersion
athlon_3015ce_firmwareeq< pollockpift51.0.0.5
athlon_3015e_firmwareeq< pollockpift51.0.0.5
athlon_gold_3150c_firmwareeq< picassopifp51.0.0.f
athlon_gold_3150g_firmwareeq< comboam4piv1-1.0.0.a
athlon_gold_3150g_firmwareeq< comboam4v2-1.2.0.a
athlon_gold_3150ge_firmwareeq< comboam4piv1-1.0.0.a
athlon_gold_3150ge_firmwareeq< comboam4v2-1.2.0.a
athlon_gold_3150u_firmwareeq< picassopifp51.0.0.f
athlon_gold_pro_3150g_firmwareeq< comboam4piv1-1.0.0.a
athlon_gold_pro_3150g_firmwareeq< comboam4v2-1.2.0.a

Name	Operator	Version
athlon_3015ce_firmware	eq	< pollockpift51.0.0.5
athlon_3015e_firmware	eq	< pollockpift51.0.0.5
athlon_gold_3150c_firmware	eq	< picassopifp51.0.0.f
athlon_gold_3150g_firmware	eq	< comboam4piv1-1.0.0.a
athlon_gold_3150g_firmware	eq	< comboam4v2-1.2.0.a
athlon_gold_3150ge_firmware	eq	< comboam4piv1-1.0.0.a
athlon_gold_3150ge_firmware	eq	< comboam4v2-1.2.0.a
athlon_gold_3150u_firmware	eq	< picassopifp51.0.0.f
athlon_gold_pro_3150g_firmware	eq	< comboam4piv1-1.0.0.a
athlon_gold_pro_3150g_firmware	eq	< comboam4v2-1.2.0.a