Home
MEDIUM: 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:NDefault status
affected
DragonRangeFL1PI 1.0.0.3h
unaffected
Default status
affected
ComboAM5PI 1.0.0.b
unaffected
ComboAM5PI 1.1.0.3d
unaffected
ComboAM5PI 1.2.0.3d
unaffected
Default status
affected
FireRangeFL1PI 1.0.0.0a
unaffected
Default status
affected
ComboAM5PI 1.1.0.3d
unaffected
ComboAM5PI 1.2.0.3d
unaffected
Default status
affected
ComboAM5PI 1.2.0.3d
unaffected
Default status
affected
EmbeddedAM5PI 1.0.0.4
unaffected
Description
A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.
Problem types
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Product status
DragonRangeFL1PI 1.0.0.3h
ComboAM5PI 1.0.0.b
ComboAM5PI 1.1.0.3d
ComboAM5PI 1.2.0.3d
FireRangeFL1PI 1.0.0.0a
ComboAM5PI 1.1.0.3d
ComboAM5PI 1.2.0.3d
ComboAM5PI 1.2.0.3d
EmbeddedAM5PI 1.0.0.4
References
www.amd.com/...es/product-security/bulletin/AMD-SB-4013.html