CVE-2023-20555 Information

Description

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.

Reference

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003