CNNVD-202602-1442 Information
CNNVD ID
CNNVD-202602-1442
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
AMD Ryzen和AMD EPYC都是美国超威半导体(AMD)公司的产品。AMD Ryzen是一款中央处理器(CPU)。AMD EPYC是一款高性能服务器处理器。 AMD多款产品存在安全漏洞,该漏洞源于输入验证不当,可能导致具有Ring0访问权限的攻击者写入SMRAM并修改S3唤醒执行流程,进而造成任意代码执行。以下产品受到影响:AMD EPYC™ 9004 Series Processors、AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors、AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics、AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors、AMD Ryzen™ Z1 Series Processors、AMD Ryzen™ 9000 Series Desktop Processors等。
Description (English)
Both AMD Ryzen and AMD EPYC are products of U.S. Supermassive Semiconductor (AMD). AMD Ryzen is a central processor (CPU). AMD EPYC is a high-performance server processor. There is a security loophole in the AMD multi-products, which stems from inappropriate input validation, which could lead to the possible inclusion of an attacker with Ring0 access access to SMRAM and the modification of the S3 alerting process, leading to arbitrary code enforcement. The following products have been affected: AMD EPYCTM 904 Series Products, AMD RyzenTM ThreadreperTM PRO 5000 WX-Series Products, AMD RyzenTM 5000 Series Mobile Products with RadeonTM Graphics, AMD RyzenTM ThareadripperTM PRO 3000 WX-Series Products, AMD RyzenTM Z1 Series Documents, AMD RyzenTM 9000 Series Products.
Vulnerability Type
其他
Affected Vendor
超微半导体
Published
2026-02-10
Last Modified
2026-02-24
References
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html https://www.amd.com/en/resources/product-security/bulletin/Emb-Auto.html
Patch
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html
Share on: