目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2022-23817— AMD Secure Processor 安全漏洞

AI 预测 7.8 利用难度: 中等 EPSS 0.18% · P8

影响版本矩阵 30

厂商产品版本范围状态
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.0.Eunaffected
AMDAMD Instinct™ MI210ROCm 7.0unaffected
AMDAMD Instinct™ MI250ROCm 7.0unaffected
AMDAMD Radeon™ PRO W5000 Series Graphics ProductsAMD Software: PRO Edition 22.Q2 (22.10.20)unaffected
AMDAMD Radeon™ PRO W6000 Series Graphics ProductsAMD Software: PRO Edition 22.Q2 (22.10.20)unaffected
AMDAMD Radeon™ RX 5000 Series Graphics ProductsAMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)unaffected
AMDAMD Radeon™ RX 6000 Series Graphics ProductsAMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)unaffected
AMDAMD Ryzen™ 2000 Mobile ProcessorsComboAM4v2 PI 1.2.0.8unaffected
ComboAM4PI 1.0.0.9unaffected
AMDAMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4V1 1.0.0.Aunaffected
ComboAM4V2 1.2.0.9unaffected
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5 1.0.0.Eunaffected
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2 PI 1.2.0.8unaffected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Aunaffected
AMDAMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2 PI 1.2.0.8unaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2 PI 1.2.0.8unaffected
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6 1.0.0.Cunaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.5unaffected
AMDAMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1.0.0.2unaffected
AMDAMD Ryzen™ Embedded R1000 Series ProcessorsEmbeddedPI-FP5_1.2.0.Aunaffected
AMDAMD Ryzen™ Embedded R2000 Series ProcessorsEmbeddedR2KPI-FP5 1.0.0.2unaffected
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")EmbeddedPI-FP5_1.2.0.Aunaffected
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")EmbeddedPI-FP5_1.2.0.Aunaffected
AMDAMD Ryzen™ Embedded V2000 Series ProcessorEmbeddedPI-FP6_1.0.0.8unaffected
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbeddedPI-FP7r2_1002unaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.5unaffected
CastlePeakWSPI-sWRX8 1.0.0.Aunaffected
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.5unaffected
AMDMI-100ROCm 6.4.2unaffected
AMDMI-25 / 50No fix plannedunaffected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2022-23817 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
输入验证不恰当
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
AMD Secure Processor 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
AMD Secure Processor(ASP)是美国超威半导体(AMD)公司的一款独立的 ARM Coretex-A5 芯片。 AMD Secure Processor(ASP)存在安全漏洞,该漏洞源于内存缓冲区检查不足,可能允许攻击者读取/写入ASP Secure OS内核虚拟地址空间,从而导致权限提升。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.0.E -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors ChagallWSPI-sWRX8 1.0.0.5 -
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2 PI 1.2.0.8 -
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors ChagallWSPI-sWRX8 1.0.0.5 -
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.A -
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.0.E -
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6 1.0.0.C -
AMDAMD Ryzen™ 3000 Series Desktop Processors ComboAM4V1 1.0.0.A -
AMDAMD Ryzen™ 2000 Mobile Processors ComboAM4v2 PI 1.2.0.8 -
AMDAMD Ryzen™ 4000 Series Desktop Processors ComboAM4v2 PI 1.2.0.8 -
AMDAMD Ryzen™ 5000 Series Desktop Processors ComboAM4v2 PI 1.2.0.8 -
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.5 -
AMDAMD Ryzen™ Embedded R1000 Series Processors EmbeddedPI-FP5_1.2.0.A -
AMDAMD Ryzen™ Embedded R2000 Series Processors EmbeddedR2KPI-FP5 1.0.0.2 -
AMDAMD Ryzen™ Embedded 5000 Series Processors EmbAM4PI 1.0.0.2 -
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") EmbeddedPI-FP5_1.2.0.A -
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") EmbeddedPI-FP5_1.2.0.A -
AMDAMD Ryzen™ Embedded V2000 Series Processor EmbeddedPI-FP6_1.0.0.8 -
AMDAMD Ryzen™ Embedded V3000 Series Processors EmbeddedPI-FP7r2_1002 -
AMDAMD Radeon™ RX 5000 Series Graphics Products AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01) -
AMDAMD Radeon™ PRO W5000 Series Graphics Products AMD Software: PRO Edition 22.Q2 (22.10.20) -
AMDAMD Radeon™ RX 6000 Series Graphics Products AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01) -
AMDAMD Radeon™ PRO W6000 Series Graphics Products AMD Software: PRO Edition 22.Q2 (22.10.20) -
AMDMI-25 / 50 No fix planned -
AMDMI-100 ROCm 6.4.2 -
AMDAMD Instinct™ MI250 ROCm 7.0 -
AMDAMD Instinct™ MI210 ROCm 7.0 -

二、漏洞 CVE-2022-23817 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2022-23817 的情报信息

登录查看更多情报信息。

CVE-2022-23817 厂商安全公告 (5)

同批安全公告 · AMD · 2024-08-13 · 共 26 条

CVE-2022-238157.5 HIGHAMD Secure Processor 安全漏洞
CVE-2023-205787.5 HIGHAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2023-313497.3 HIGHAMD μProf 安全漏洞
CVE-2023-313487.3 HIGHAMD μProf 安全漏洞
CVE-2023-313417.3 HIGHAMD μProf 安全漏洞
CVE-2021-263447.2 HIGHAMD Secure Processor 和 AMD Secure Encrypted Virtualization 安全漏洞
CVE-2023-205916.5 MEDIUMAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2021-263675.7 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2024-219815.7 MEDIUMAMD Secure Processor 安全漏洞
CVE-2023-205845.3 MEDIUMAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2023-205095.2 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2021-467465.2 MEDIUMAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2023-313105.0 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2023-313394.8 MEDIUMAMD Zynq UltraScale+ 安全漏洞
CVE-2023-205104.7 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2023-313564.4 MEDIUMAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2021-467723.9 LOWAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2021-263873.9 LOWAMD Secure Processor和AMD Secure Encrypted Virtualization 安全漏洞
CVE-2023-205133.3 LOWAMD Graphics Driver 安全漏洞
CVE-2023-313663.3 LOWAMD μProf 安全漏洞

显示前 20 条,共 26 条。 查看全部 → →

IV. Related Vulnerabilities

V. Comments for CVE-2022-23817

暂无评论


发表评论