First published: Tue Aug 13 2024(Updated: )
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
Credit: psirt@amd.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
AMD Athlon Silver 3050U | <picassopi-fp5_1.0.0.e | |
AMD Athlon Silver 3050U firmware | ||
All of | ||
AMD Athlon Gold 3150U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Athlon Gold 3150U | ||
All of | ||
AMD Ryzen 7 3780U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 7 3780U Firmware | ||
All of | ||
AMD Ryzen 7 3750H Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 7 3750H Firmware | ||
All of | ||
AMD Ryzen 7 Pro 3700U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 7 Pro 3700U Firmware | ||
All of | ||
AMD Ryzen 7 Pro 3700U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 7 3700U | ||
All of | ||
AMD Ryzen 5 3580U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 5 3580U Firmware | ||
All of | ||
AMD Ryzen 5 3550H Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 5 3550H Firmware | ||
All of | ||
AMD Ryzen 5 Pro 3500U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 5 3500U Firmware | ||
All of | ||
AMD Ryzen 3 Pro 3300U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 3 Pro 3300U | ||
All of | ||
AMD Ryzen 3 3250U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 3 3250U Firmware | ||
All of | ||
AMD Ryzen 3 3200U Firmware | <picassopi-fp5_1.0.0.e | |
AMD Ryzen 3 3200U Firmware | ||
All of | ||
AMD Athlon Gold Pro 3150G Firmware | ||
AMD Athlon Gold Pro 3150G Firmware | ||
All of | ||
AMD Athlon Gold Pro 3150G Firmware | ||
AMD Athlon Gold 3150G Firmware | ||
All of | ||
AMD Athlon Gold Pro 3150GE | ||
AMD Athlon Gold Pro 3150GE Firmware | ||
All of | ||
AMD Athlon Pro 300GE Firmware | ||
AMD Athlon Pro 300GE Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-23815 is classified as a high severity vulnerability due to potential arbitrary code execution.
To fix CVE-2022-23815, update the firmware of the affected AMD processors to the version above picassopi-fp5_1.0.0.e.
CVE-2022-23815 impacts various AMD Athlon and Ryzen processors with specific firmware versions.
CVE-2022-23815 allows an attacker to perform an out-of-bounds write, which can lead to arbitrary code execution.
If your device uses affected AMD firmware versions listed under CVE-2022-23815, it is vulnerable.