AMD Radeon Graphics and Processors Type Confusion Vulnerability Allowing Memory Manipulation

A type confusion vulnerability has been identified in the AMD Secure Processor (ASP), specifically within the Reliability, Availability, and Serviceability Trusted Application (RAS TA). This vulnerability could enable an attacker to pass a malformed argument to the RAS TA, potentially leading to unauthorized read or write operations in shared memory. The issue could result in a loss of confidentiality, integrity, or availability. This vulnerability affects several AMD graphics products, including the AMD Radeon 7000 series and AMD Radeon Pro W7000 series graphics cards, as well as certain AMD Ryzen processors with integrated graphics.

Impact

Exploitation of this vulnerability could lead to unauthorized memory access, allowing for potential manipulation of data or disruption of services, with a specific risk of memory corruption that could be exploited to execute arbitrary code or cause a system crash.

Remediation

Users are advised to update to the latest version of the AMD Software: Adrenalin Edition or AMD Software: PRO Edition, depending on their specific graphics product. For AMD Ryzen processors, refer to the AMD Radeon Graphics Cards tables for the appropriate driver version.