Advisory Published


First published: Tue Nov 15 2022(Updated: )

Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: Whitley: Cedar Island: Eagle Stream: Greenlow/Greenlow-R(skylake/kabylake): Trunk Mehlow/Mehlow-R (CoffeeLake-S): Trunk Tatlow (RKL-S): Trunk Denverton: Snow Ridge: Trunk Graneville DE: Grangeville DE NS: Bakerville: Idaville: Whiskey Lake: Trunk Comet Lake-S: Trunk Tiger Lake H/UP3: Alder Lake: Gemini Lake: Not Affected Apollo Lake: Not Affected Elkhart Lake: AMD ROME: trunk MILAN: GENOA: Snowy Owl: Trunk R1000: R2000: V2000: Trunk V3000: Ryzen 5000: Embedded ROME: Trunk Embedded MILAN: Trunk Hygon Hygon #1/#2: Hygon #3: https://www.insyde.com/security-pledge/SA-2022060

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Amd Genoa Firmware<
Amd Genoa
Amd Hygon 1 Firmware<
Amd Hygon 1
Amd Hygon 2 Firmware<
Amd Hygon 2
Amd Hygon 3 Firmware<
Amd Hygon 3
Amd Milan Firmware<
Amd Milan
Amd Milan Firmware<
Amd Milan
Amd Rome Firmware<
Amd Rome Firmware<
Amd Ryzen 5300g Firmware<
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware<
Amd Ryzen 5300ge
Amd Ryzen 5600g Firmware<
Amd Ryzen 5600g
Amd Ryzen 5600ge Firmware<
Amd Ryzen 5600ge
Amd Ryzen 5600x Firmware<
Amd Ryzen 5600x
Amd Ryzen 5700g Firmware<
Amd Ryzen 5700g
Amd Ryzen 5700ge Firmware<
Amd Ryzen 5700ge
Amd Ryzen 5800x Firmware<
Amd Ryzen 5800x
Amd Ryzen 5800x3d Firmware<
Amd Ryzen 5800x3d
Amd Ryzen 5900x Firmware<
Amd Ryzen 5900x
Amd Ryzen 5950x Firmware<
Amd Ryzen 5950x
Amd Snowy Owl R1000 Firmware<
Amd Snowy Owl R1000
Amd Snowy Owl R2000 Firmware<
Amd Snowy Owl R2000
Amd Snowy Owl V2000 Firmware<
Amd Snowy Owl V2000
Amd Snowy Owl V3000 Firmware<
Amd Snowy Owl V3000
Intel Alder Lake Firmware<
Intel Alder Lake
Intel Bakerville Firmware<
Intel Bakerville
Intel Cedar Island Firmware<
Intel Cedar Island
Intel Idaville Firmware<
Intel Idaville
Intel Comet Lake-s Firmware<
Intel Comet Lake-s
Intel Tiger Lake H\/up3 Firmware<
Intel Tiger Lake H\/up3
Intel Whiskey Lake Firmware<
Intel Whiskey Lake
Intel Denverton Firmware<
Intel Denverton
Intel Eagle Stream Firmware<
Intel Eagle Stream
Intel Grangeville De Ns Firmware<
Intel Grangeville De Ns
Intel Granville De Firmware<
Intel Granville De
Intel Greenlow Firmware<
Intel Greenlow
Intel Greenlow-r Firmware<
Intel Greenlow-r
Intel Mehlow Firmware<
Intel Mehlow
Intel Mehlow-r Firmware<
Intel Mehlow-r
Intel Tatlow Firmware<
Intel Tatlow
Intel Purley-r Firmware<
INTEL Purley-R
Intel Whitley Firmware<
Intel Whitley

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203