Primary

Context

AMD Processors TOCTOU Race Condition Vulnerability Allowing Out-of-Bounds Memory Access

Vulnerability

Patched

A TOCTOU race condition has been identified in the System Management Mode (SMM) communications buffer of AMD processors. This vulnerability could allow a privileged attacker to bypass input validation and execute out-of-bounds read or write operations. Such actions may lead to unauthorized memory access, with potential consequences for the confidentiality, integrity, or availability of the system.

Impact

Exploitation of this vulnerability could result in unauthorized memory access, allowing for out-of-bounds read or write operations. Such actions could disrupt normal system functions or compromise sensitive data.

Remediation

Users are advised to update to the Platform Initialization (PI) version 1.0.1.2c or later. For specific update instructions, please contact the original equipment manufacturer (OEM).

Added: Feb 10, 2026, 9:05 PM

Updated: Feb 11, 2026, 2:52 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

2.4

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

2.4

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD Processors TOCTOU Race Condition Vulnerability Allowing Out-of-Bounds Memory Access

Vulnerability

Impact

Remediation

Affected Products

AMD Ryzen 7000

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating