CVE-2022-23815Out-of-bounds Write in AMD Athlon Gold 3150u Firmware

CWE-787Out-of-bounds Write3 documents3 sources
Severity
8.2HIGHNVD
CNA7.5
EPSS
0.1%
top 75.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
AMD Athlon Gold 3150u FirmwareAMD Athlon Silver 3050u FirmwareAMD Ryzen 3 3200u Firmware+10 more
Timeline
PublishedAug 13

Description

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages13 packages

NVDamd/ryzen_3_3200u_firmware< picassopi-fp5_1.0.0.e
NVDamd/ryzen_3_3250u_firmware< picassopi-fp5_1.0.0.e
NVDamd/ryzen_3_3300u_firmware< picassopi-fp5_1.0.0.e
NVDamd/ryzen_5_3500u_firmware< picassopi-fp5_1.0.0.e
NVDamd/ryzen_5_3550h_firmware< picassopi-fp5_1.0.0.e

🔴Vulnerability Details

2
CVEList
CVE-2022-23815: Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to a2024-08-13
GHSA
GHSA-cjjq-cwpw-fx4q: Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to a2024-08-13
CVE-2022-23815 — Out-of-bounds Write in AMD | cvebase