#VU65205 Processor optimization removal or modification of security-critical code in AMD Hardware solutions


Published: 2022-07-12

Vulnerability identifier: #VU65205

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29900

CWE-ID: CWE-1037

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
AMD Athlon X4 processor
Hardware solutions / Firmware
AMD Ryzen Threadripper PRO processor
Hardware solutions / Firmware
2nd Gen AMD Ryzen Threadripper processors
Hardware solutions / Firmware
3rd Gen AMD Ryzen Threadripper processors
Hardware solutions / Firmware
7th Generation AMD A-Series APUs
Hardware solutions / Firmware
AMD Ryzen 2000 series Desktop processor
Hardware solutions / Firmware
AMD Ryzen 3000 Series Desktop processor
Hardware solutions / Firmware
AMD Ryzen 4000 Series Desktop processors with Radeon graphics
Hardware solutions / Firmware
AMD Ryzen 2000 Series Mobile processor
Hardware solutions / Firmware
AMD Athlon 3000 Series Mobile processors with Radeon Graphics
Hardware solutions / Firmware
AMD Ryzen 3000 Series Mobile processor
Hardware solutions / Firmware
2nd Gen AMD Ryzen Mobile processor with Radeon graphics
Hardware solutions / Firmware
AMD Ryzen 4000 Series Mobile processors with Radeon graphics
Hardware solutions / Firmware
AMD Ryzen 5000 Series Mobile processor with Radeon graphics
Hardware solutions / Firmware
AMD Athlon Mobile processor with Radeon graphics
Hardware solutions / Firmware
1st Gen AMD EPYC Processors
Hardware solutions / Firmware
2nd Gen AMD EPYC Processors
Hardware solutions / Firmware

Vendor: AMD

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed  RETbleed.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

AMD Athlon X4 processor: All versions

AMD Ryzen Threadripper PRO processor: All versions

2nd Gen AMD Ryzen Threadripper processors: All versions

3rd Gen AMD Ryzen Threadripper processors: All versions

7th Generation AMD A-Series APUs: All versions

AMD Ryzen 2000 series Desktop processor: All versions

AMD Ryzen 3000 Series Desktop processor: All versions

AMD Ryzen 4000 Series Desktop processors with Radeon graphics: All versions

AMD Ryzen 2000 Series Mobile processor: All versions

AMD Athlon 3000 Series Mobile processors with Radeon Graphics: All versions

AMD Ryzen 3000 Series Mobile processor: All versions

2nd Gen AMD Ryzen Mobile processor with Radeon graphics: All versions

AMD Ryzen 4000 Series Mobile processors with Radeon graphics: All versions

AMD Ryzen 5000 Series Mobile processor with Radeon graphics: All versions

AMD Athlon Mobile processor with Radeon graphics: All versions

1st Gen AMD EPYC Processors: All versions

2nd Gen AMD EPYC Processors: All versions


CPE

External links
http://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability