What is CVE-2022-23817?

CVE-2022-23817 is a high-severity vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics, classified under Improper Input Validation. CVSS score: 7.0/10. Published 2024-08-13.

How severe is CVE-2022-23817?

High severity. CVSS v3 base score is 7.0 out of 10.

Buffer overflow in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics

CVE-2022-23817

Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege e…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (38.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.0 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics — versions ComboAM4PI 1.0.0.9, ComboAM4v2 PI 1.2.0.8
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions PicassoPI-FP5 1.0.0.E, PollockPI-FT5 1.0.0.4
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions PicassoPI-FP5 1.0.0.E
Amd Instinct™ Mi210 — versions ROCm 7.0
Amd Instinct™ Mi250 — versions ROCm 7.0
Amd Radeon™ Pro W5000 Series Graphics Products — versions AMD Software: PRO Edition 22.Q2 (22.10.20)
Amd Radeon™ Pro W6000 Series Graphics Products — versions AMD Software: PRO Edition 22.Q2 (22.10.20)
Amd Radeon™ Rx 5000 Series Graphics Products — versions AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
Amd Radeon™ Rx 6000 Series Graphics Products — versions AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
Amd Ryzen™ 2000 Mobile Processors — versions ComboAM4v2 PI 1.2.0.8, ComboAM4PI 1.0.0.9

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-23817?: CVE-2022-23817 is a high-severity vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics, classified under Improper Input Validation. CVSS score: 7.0/10. Published 2024-08-13.
How severe is CVE-2022-23817?: High severity. CVSS v3 base score is 7.0 out of 10.