Use-after-free in AMD products

#VU78572 Use-after-free in AMD products

Cybersecurity Help s.r.o.

Published: 2023-07-24 | Updated: 2023-07-25

Vulnerability identifier: #VU78572

Vulnerability risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20593

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
AMD Ryzen 3000 Series Desktop processor
Hardware solutions / Firmware
3rd Gen AMD Ryzen Threadripper processors
Hardware solutions / Firmware
AMD Ryzen 4000 Series Desktop processors with Radeon graphics
Hardware solutions / Firmware
AMD Ryzen 5000 Series Mobile processor with Radeon graphics
Hardware solutions / Firmware
AMD Ryzen 4000 Series Mobile processors with Radeon graphics
Hardware solutions / Firmware
AGESA
Hardware solutions / Firmware
AMD Ryzen 7020 Series Processor
Mobile applications / Mobile firmware & hardware

Vendor: AMD

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in AMD Zen2 processors. A local user can trigger a use-after-free error and execute arbitrary code on the system.

Note, the vulnerability was dubbed Zenbleed.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

AMD Ryzen 3000 Series Desktop processor: All versions

3rd Gen AMD Ryzen Threadripper processors: All versions

AMD Ryzen 4000 Series Desktop processors with Radeon graphics: All versions

AMD Ryzen 5000 Series Mobile processor with Radeon graphics: All versions

AMD Ryzen 4000 Series Mobile processors with Radeon graphics: All versions

AMD Ryzen 7020 Series Processor: All versions

External links
http://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=b250b32ab1d044953af2dc5e790819a7703b7ee6
http://lock.cmpxchg8b.com/zenbleed.html
http://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html