CVE-2022-23821
published 2023-11-14CVE-2022-23821: Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Affected
150 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | amd_ryzen_5000_series_processors_with_radeon_graphics_barcelo | — | — |
| amd | amd_ryzen_6000_series_processors_with_radeon_graphics_rembrandt | — | — |
| amd | amd_ryzen_7030_series_mobile_processors_with_radeon_graphics_barcelo-r | — | — |
| amd | amd_ryzen_7035_series_processors_with_radeon_graphics_rembrandt-r | — | — |
| amd | amd_ryzen_embedded_5000 | — | — |
| amd | amd_ryzen_embedded_r1000 | — | — |
| amd | amd_ryzen_embedded_r2000 | — | — |
| amd | amd_ryzen_embedded_v1000 | — | — |
| amd | amd_ryzen_embedded_v2000 | — | — |
| amd | amd_ryzen_embedded_v3000 | — | — |
| amd | athlon_3000_series_desktop_processors_with_radeon_graphics_picasso_am4 | — | — |
| amd | athlon_3000_series_mobile_processors_with_radeon_graphics_dali_dali_fp5 | — | — |
| amd | athlon_3000_series_mobile_processors_with_radeon_graphics_pollock | — | — |
| amd | athlon_3015ce_firmware | — | — |
| amd | athlon_3015e_firmware | — | — |
| amd | ryzen_3000_series_desktop_processors_matisse | — | — |
| amd | ryzen_3000_series_mobile_processor_with_radeon_graphics_picasso_fp5 | — | — |
| amd | ryzen_3_3100_firmware | — | — |
| amd | ryzen_3_3100_firmware | — | — |
| amd | ryzen_3_3200u_firmware | — | — |
| amd | ryzen_3_3250c_firmware | — | — |
| amd | ryzen_3_3250u_firmware | — | — |
| amd | ryzen_3_3300u_firmware | — | — |
| amd | ryzen_3_3300x_firmware | — | — |
| amd | ryzen_3_3300x_firmware | — | — |