AMD Graphics Driver Vulnerabilities – November 2022
Bulletin ID: AMD-SB-1029
Potential Impact: Varies by CVE, see descriptions below
Severity: Varies by CVE, see descriptions below
Summary
AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE.
CVE Details
Refer to Glossary for explanation of terms
| CVE | Severity | CVE Description |
| --- | --- | --- |
| CVE-2020-12930 | High | Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. |
| CVE-2020-12931 | High | Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. |
| CVE-2021-26360 | Medium | An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP. |
| CVE-2021-26391 | Medium | Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel. |
| CVE-2021-26392 | Medium | Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with |
| CVE-2021-26393 | Medium | Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality. |
Affected Products
Graphics Cards
| Platform | Release Version | Applicable CVE(s) |
| --- | --- | --- |
| AMD Radeon™ RX 5000 Series and AMD Radeon™ PRO W5000 Series Graphics Cards | AMD Radeon Software v. 22.5.2 AMD Radeon Pro Software for Enterprise v. 22.Q2 Enterprise Driver v. 22.10.20 | CVE-2020-12930, CVE-2020-12931, CVE-2021-26391, CVE-2021-26392, CVE-2021-26393 |
| AMD Radeon™ RX 6000 Series and AMD Radeon™ PRO W6000 Series Graphics Cards | AMD Radeon Software v. 22.5.2 AMD Radeon Pro Software for Enterprise v. 22.Q2 Enterprise Driver v. 22.10.20 | CVE-2021-26360, CVE-2021-26391, CVE-2021-26392, CVE-2021-26393 |
| AMD Radeon™ RX Vega Series Graphics Cards | No fix planned | CVE-2020-12930, CVE-2021-26391, CVE-2021-26392, CVE-2021-26393 |
Client APUs and CPUs
The AGESA™ versions listed below have been released to the Original Equipment Manufacturers (OEM) to mitigate these issues. Please refer to your OEM for the BIOS update specific to your product.
Desktop
| CVE | AMD Ryzen™ 2000 Series Desktop Processors | AMD Ryzen™ 2000 Series Desktop Processors | AMD Ryzen™ 3000 Series Desktop Processors | AMD Ryzen™ 5000 Series Desktop Processors | AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics |
| --- | --- | --- | --- | --- | --- |
| Minimum version to mitigate all listed CVEs | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | N/A | ComboAM4PI 1.0.0.9 ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4v2 PI 1.2.0.6 (2022-02-18) |
| CVE-2020-12930 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | N/A | ComboAM4PI 1.0.0.9 ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4v2 PI 1.2.0.4 (2021-08-25) |
| CVE-2020-12931 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | N/A | ComboAM4PI 1.0.0.8 ComboAM4 V2 PI 1.2.0.6 (2022-02-28) | ComboAM4 V2 PI 1.2.0.6 (2022-01-07) | ComboAM4v2 PI 1.2.0.4 (2021-08-25) |
| CVE-2021-26391 | N/A | N/A | N/A | N/A | ComboAM4v2 PI 1.2.0.5 (2021-11-20) |
| CVE-2021-26392 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | N/A | ComboAM4PI 1.0.0.9 ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4 V2 PI 1.2.0.8 (2022-07-27) | ComboAM4v2 PI 1.2.0.6 (2022-02-18) |
| CVE-2021-26393 | Raven-FP5-AM4 1.1.0.E PinnaclePI-AM4 1.0.0.C (RV1) ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.6c (2022-02-28) | N/A | N/A | N/A | ComboAM4v2 PI 1.2.0.6 (2022-02-18) |
| CVE-2021-26360 | N/A | N/A | N/A | N/A | N/A |
High End Desktop
| CVE | 2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” | 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT |
| --- | --- | --- |
| Minimum version to mitigate all listed CVEs | N/A | CastlePeakPI-SP3r3 1.0.0.7 (2022-01-28) |
| CVE-2020-12930 | N/A | CastlePeakPI-SP3r3 1.0.0.7 (2022-01-28) |
| CVE-2020-12931 | N/A | CastlePeakPI-SP3r3 1.0.0.7 (2022-01-28) |
| CVE-2021-26391 | N/A | N/A |
| CVE-2021-26392 | N/A | CastlePeakPI-SP3r3 1.0.0.7 (2022-01-28) |
| CVE-2021-26393 | N/A | N/A |
| CVE-2021-26360 | N/A | N/A |
Workstation
| CVE | AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS | AMD Ryzen™ Threadripper™ PRO Processors “Chagall” WS |
| --- | --- | --- |
| Minimum version to mitigate all listed CVEs | CastlePeakWSPI-sWRX8 1.0.0.9 ChagallWSPI-sWRX8 1.0.0.2 (2022-01-20) | ChagallWSPI-sWRX8 1.0.0.2 (2022-01-07) |
| CVE-2020-12930 | CastlePeakWSPI-sWRX8 1.0.0.9 ChagallWSPI-sWRX8 1.0.0.2 (2022-01-20) | ChagallWSPI-sWRX8 1.0.0.2 (2022-01-07) |
| CVE-2020-12931 | CastlePeakWSPI-sWRX8 1.0.0.9 ChagallWSPI-sWRX8 1.0.0.2 (2022-01-20) | ChagallWSPI-sWRX8 1.0.0.2 (2022-01-07) |
| CVE-2021-26391 | N/A | N/A |
| CVE-2021-26392 | CastlePeakWSPI-sWRX8 1.0.0.9 ChagallWSPI-sWRX8 1.0.0.2 (2022-01-20) | ChagallWSPI-sWRX8 1.0.0.2 (2022-01-07) |
| CVE-2021-26393 | N/A | N/A |
| CVE-2021-26360 | N/A | N/A |
Mobile - AMD Athlon™ Series
| CVE | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/“Dali” ULP | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” |
| --- | --- | --- |
| Minimum version to mitigate all listed CVEs | PicassoPI-FP5 1.0.0.E (2022-07-06) | PollockPI-FT5 1.0.0.4 (2022-06-29) |
| CVE-2020-12930 | PicassoPI-FP5 1.0.0.E (2022-07-06) | PollockPI-FT5 1.0.0.4 (2022-06-29) |
| CVE-2020-12931 | PicassoPI-FP5 1.0.0.E (2022-07-06) | PollockPI-FT5 1.0.0.4 (2022-06-29) |
| CVE-2021-26391 | N/A | N/A |
| CVE-2021-26392 | PicassoPI-FP5 1.0.0.E (2022-07-06) | PollockPI-FT5 1.0.0.4 (2022-06-29) |
| CVE-2021-26393 | PicassoPI-FP5 1.0.0.D | PollockPI-FT5 1.0.0.4 (2022-06-29) |
| CVE-2021-26360 | N/A | N/A |
Mobile - AMD Ryzen™ Series
| CVE | AMD Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | AMD Ryzen™ 3000 Series Mobile Processors, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6 | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne” | AMD Ryzen™ 6000 Series Mobile Processors "Rembrandt" |
| --- | --- | --- | --- | --- | --- | --- |
| Minimum version to mitigate all listed CVEs | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | PicassoPI-FP5 1.0.0.E ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | RenoirPI-FP6 1.0.0.8 ComboAM4v2 PI 1.2.0.6 (2022-01-19) | CezannePI-FP6 1.0.0.9 (2022-02-18) | CezannePI-FP6 1.0.0.9 (2022-02-18) | N/A |
| CVE-2020-12930 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | PicassoPI-FP5 1.0.0.E ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.4 (2021-08-25) | CezannePI-FP6 1.0.0.4 (6E) (2021-06-23) | CezannePI-FP6 1.0.0.4 (6E) (2021-08-25) | N/A |
| CVE-2020-12931 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | PicassoPI-FP5 1.0.0.E ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.4 (2021-11-02) | CezannePI-FP6 1.0.0.4 (2021-06-23) | CezannePI-FP6 1.0.0.4 (2021-08-25) | N/A |
| CVE-2021-26391 | N/A | N/A | RenoirPI-FP6 1.0.0.7 ComboAM4v2 PI 1.2.0.5 (2021-11-20) | CezannePI-FP6 1.0.0.6 (2021-11-20) | CezannePI-FP6 1.0.0.6 (2021-11-20) | N/A |
| CVE-2021-26392 | Raven-FP5-AM4 1.1.0.F PinnaclePI-AM4 1.0.0.D ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | PicassoPI-FP5 1.0.0.E ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8 (2022-07-27) | RenoirPI-FP6 1.0.0.8 ComboAM4v2 PI 1.2.0.6 (2022-01-19) | CezannePI-FP6 1.0.0.9 (2022-02-18) | CezannePI-FP6 1.0.0.9 (2022-02-18) | N/A |
| CVE-2021-26393 | Raven-FP5-AM4 1.1.0.E PinnaclePI-AM4 1.0.0.C (RV1) ComboAM4PI 1.0.0.8/ComboAM4v2 PI 1.2.0.6c (2022-02-28) | PicassoPI-FP5 1.0.0.D ComboAM4PI 1.0.0.8 ComboAM4v2 PI 1.2.0.6c (2022-02-28) | RenoirPI-FP6 1.0.0.8 ComboAM4v2 PI 1.2.0.6 (2022-01-19) | CezannePI-FP6 1.0.0.9 (2022-02-18) | CezannePI-FP6 1.0.0.9 (2022-02-18) | N/A |
| CVE-2021-26360 | N/A | N/A | N/A | N/A | N/A | N/A |
Mitigation
AMD recommends updating the AMD Graphics Driver to the version recommended for your product below. Please refer to your Original Equipment Manufacturer (OEM) for the driver update specific to your product.
Acknowledgement
AMD thanks the following for reporting these issues and engaging in coordinated vulnerability disclosure.
- Lucas Bouillot of the Apple Media Products RedTeam: CVE-2020-12930, CVE-2020-12931
- Mahdi Braik of the Apple Media Products RedTeam: CVE-2021-26391, CVE-2021-26392, CVE-2021-26393
- Internally reported: CVE-2021-26360
Revisions
| Revision Date | Description |
| --- | --- |
| 11/08/2022 | Initial publication |