CVSS3

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Percentile: 20.5%
Bulletin ID: AMD-SB-7002

**Potential Impact:** Varies by CVE, see descriptions below

**Severity:** Varies by CVE, see descriptions below

Researchers have identified two potential vulnerabilities that affect systems using the TPM 2.0 reference implementation, including some systems using AMD CPUs. These vulnerabilities may allow an attacker, who has gained authenticated access through a local account on an affected system, read and write access to protected areas of the TPM’s memory.
Existing protections prevent code execution or exfiltration of data, but the out of bounds access may cause an error, potentially resulting in a denial of service.
Refer to Glossary for explanation of terms
CVE | Severity | Description |
---|---|---|
CVE-2023-1018 | Medium | An out-of-bounds read vulnerability exists in TPM2.0’s Module Library allowing a 2-byte read past the end of a TPM2.0 command as in the above described OOB read routines. An attacker who can successfully exploit this vulnerability can read sensitive data stored in the TPM. |
CVE-2023-1017 | High | An out-of-bounds write vulnerability exists in TPM2.0’s Module Library allowing writing of a 2-byte data past the end of TPM2.0 command as in the above described OOB write routines. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. |
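
One common way a 2-byte access past the end of a command buffer arises is reading a size field without first checking that those two bytes exist. The following is an added illustration of that pattern and its bounds-checked form; it is not code from the TPM 2.0 reference implementation or from AMD, and the function names and sample buffers are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked big-endian read: assumes 2 bytes exist at p. Called on a command
 * that ends early, it reads up to 2 bytes past the end of the buffer. */
static uint16_t read_u16_be(const uint8_t *p)
{
    return (uint16_t)(((unsigned)p[0] << 8) | p[1]);
}

/* Hardened parse of a size-prefixed field (hypothetical helper name).
 * Returns the payload length and sets *data, or -1 if the command is
 * truncated or the announced size overruns what is left. */
int parse_sized_field(const uint8_t *buf, size_t len, const uint8_t **data)
{
    if (len < 2)
        return -1;                 /* no room for the 2-byte size field */
    uint16_t n = read_u16_be(buf); /* safe: length verified above */
    if ((size_t)n > len - 2)
        return -1;                 /* size field claims more than remains */
    *data = buf + 2;
    return (int)n;
}

/* Constructed sample inputs, not captured TPM traffic. */
static const uint8_t GOOD[]      = {0x00, 0x03, 0xAA, 0xBB, 0xCC};
static const uint8_t TRUNCATED[] = {0x00};
static const uint8_t OVERRUN[]   = {0x00, 0x08, 0xAA};

int main(void)
{
    const uint8_t *d = NULL;
    printf("good:      %d\n", parse_sized_field(GOOD, sizeof GOOD, &d));
    printf("truncated: %d\n", parse_sized_field(TRUNCATED, sizeof TRUNCATED, &d));
    printf("empty:     %d\n", parse_sized_field(GOOD, 0, &d));
    printf("overrun:   %d\n", parse_sized_field(OVERRUN, sizeof OVERRUN, &d));
    return 0;
}
```

Both length checks matter: the first guards the read of the size field itself, the second guards any later read or write of the payload it announces.
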
Desktop
2nd Gen AMD Ryzen™ Threadripper™ Processors
The AGESA™ version listed below is released to the Original Equipment Manufacturers (OEM) to address the potential vulnerabilities identified above. Please refer to your OEM for the BIOS update specific to your product.
Program Name | Code Name | AGESA Version |
---|---|---|
2nd Gen AMD Ryzen™ Threadripper™ Processors | “Colfax” | SummitPI-SP3r2 1.1.0.7 |