TPM Out of Bounds Access

Bulletin ID:  AMD-SB-7002
Potential Impact:Varies by CVE, see descriptions below
Severity: Varies by CVE, see descriptions below

Summary

Researchers have identified two potential vulnerabilities that affect systems using the TPM 2.0 reference implementation, including some systems using AMD CPUs. These vulnerabilities may allow an attacker, who has gained authenticated access through a local account on an affected system, read and write access to protected areas of the TPM’s memory.

Existing protections prevent code execution or exfiltration of data, but the out of bounds access may cause an error, potentially resulting in a denial of service.

CVE Details

Refer to Glossary for explanation of terms

CVE	Severity	Description
CVE-2023-1018	Medium	An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command as in the above described OOB read routines. An attacker who can successfully exploit this vulnerability can read sensitive data stored in the TPM.
CVE-2023-1017	High	An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command as in the above described OOB write routines. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.

Affected Product

Desktop

2nd Gen AMD Ryzen™ Threadripper™ Processors

Mitigation

The AGESA™ version listed below is released to the Original Equipment Manufacturers (OEM) to address the potential vulnerabilities identified above. Please refer to your OEM for the BIOS update specific to your product.

Program Name	Code Name	AGESA Version
2nd Gen AMD Ryzen™ Threadripper™ Processors	“Colfax”	SummitPI-SP3r2 1.1.0.7

Acknowledgement

AMD thanks Quarkslab Vulnerability Reports Team for reporting this issue and engaging in coordinated vulnerability disclosure.

Revisions

Revision Date	Description
4/11/2023	Initial publication

Data Center

Business Systems

Personal & Gaming

Embedded

Resources

GPU Accelerators

Adaptive Accelerators

DPU Accelerators

Ethernet Adapters

Workstations

Desktops

Laptops

Resources

Adaptive SoCs & FPGAs

System-on-Modules (SOMs)

Technologies

Resources

Evaluation Boards & Kits

Processor Tools

Graphics Tools & Apps

Adaptive SoC & FPGA Tools

Intellectual Property & Apps

GPU Accelerator Tools & Apps

Overview

For Data Center & Cloud

For Edge & Endpoints

For Developers

Industries

Industries

Industries

Industries

Industries

Workloads

Gaming

Systems

Technologies

Resources

EPYC Processors

Radeon Graphics & AMD Chipsets

Adaptive SoCs & FPGAs

Alveo Accelerators & Kria SOMs

Ryzen Processors

Ethernet Adapters

Overview

Processors

Accelerators

Adaptive SoCs, FPGAs, & SOMs

Graphics

Overview

Resources by Market Segment

Resources by Product

Resources by Type

About Our Partners

AMD Global Support

Processors & Graphics

Accelerators

Adaptive SoCs & FPGAs

Gaming & Personal Computing

Adaptive & Embedded Computing

Get AMD Fan Gear

Shop Our Retail Partners

TPM Out of Bounds Access

Summary

CVE Details

Affected Product

Mitigation

Acknowledgement

Revisions