Description:

AMD has released a security alert to address a vulnerability in the following products:

• Server
  • 1st/2nd/3rd Gen AMD EPYC™ Processors
• Desktop
  • AMD Ryzen™ 2000 series Desktop processor
  • AMD Ryzen™ 3000 Series Desktop processor
  • AMD Ryzen™ 5000 Series Desktop processor
  • AMD Ryzen™ 4000 Series Desktop processors with Radeon™ graphics
  • AMD Ryzen™ 5000 Series Desktop processor with Radeon™ graphics
  • AMD Athlon™ X4 processor
  • AMD Ryzen™ Threadripper™ PRO processor
  • 2nd Gen AMD Ryzen™ Threadripper™ processors
  • 3rd Gen AMD Ryzen™ Threadripper™ processors
  • 7th Generation AMD A-Series APUs
  • AMD Ryzen™ 2000 Series Desktop processors
  • AMD Ryzen™ 3000 Series Desktop processors
• High End Desktop (HEDT)
  • 2nd Gen AMD Ryzen™ Threadripper™ processors
  • 3rd Gen AMD Ryzen™ Threadripper™ processors
• Workstation
  • AMD Ryzen™ Threadripper™ PRO processors
• Mobile
  • AMD Athlon™ 3000 Series Mobile processors with Radeon™ graphics
  • AMD Ryzen™ 2000 Series Mobile processor
  • AMD Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 4000 Series Mobile processors with Radeon™ graphics
  • AMD Ryzen™ 5000 Series Mobile processor with Radeon™ graphics
• Chromebook
  • AMD Athlon™ 3000 Series Mobile processor with Radeon™ graphics
  • AMD Athlon™ Mobile processor with Radeon™ graphics
  • AMD Ryzen™ 3000 Series Mobile processor with Radeon™ graphics

Attacker could exploit this vulnerability by doing the following:

• Execute Arbitrary Code

Best practice and Recommendations:

The CERT team encourages users to review AMD security advisory:

• https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036
• https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026