{"api_version":"1","generated_at":"2026-05-15T11:36:18+00:00","cve":"CVE-2022-23817","urls":{"html":"https://cve.report/CVE-2022-23817","api":"https://cve.report/api/cve/CVE-2022-23817.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-23817","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-23817"},"summary":{"title":"CVE-2022-23817","description":"Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.","state":"PUBLISHED","assigner":"AMD","published_at":"2024-08-13 17:15:18","updated_at":"2026-05-15 05:16:30"},"problem_types":["CWE-20","CWE-120","CWE-20 CWE-20  Improper Input Validation","CWE-120 CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":[{"version":"4.0","source":"psirt@amd.com","type":"Secondary","score":"7.3","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"7.3","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","data":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":7.3,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"}}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-23817","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23817","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"AMD","product":"AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected PicassoPI-FP5 1.0.0.E","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors","version":"unaffected ChagallWSPI-sWRX8 1.0.0.5","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors","version":"unaffected CastlePeakWSPI-sWRX8 1.0.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics","version":"unaffected ComboAM4v2 PI 1.2.0.8","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors","version":"unaffected ChagallWSPI-sWRX8 1.0.0.5","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected RenoirPI-FP6 1.0.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected PicassoPI-FP5 1.0.0.E","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected CezannePI-FP6 1.0.0.C","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 3000 Series Desktop Processors","version":"unaffected ComboAM4V1 1.0.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 3000 Series Desktop Processors","version":"unaffected ComboAM4V2 1.2.0.9","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 2000 Mobile Processors","version":"unaffected ComboAM4v2 PI 1.2.0.8","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 2000 Mobile Processors","version":"unaffected ComboAM4PI 1.0.0.9","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 4000 Series Desktop Processors","version":"unaffected ComboAM4v2 PI 1.2.0.8","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 5000 Series Desktop Processors","version":"unaffected ComboAM4v2 PI 1.2.0.8","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics","version":"unaffected RembrandtPI-FP7_1.0.0.5","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded R1000 Series Processors","version":"unaffected EmbeddedPI-FP5_1.2.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded R2000 Series Processors","version":"unaffected EmbeddedR2KPI-FP5 1.0.0.2","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded 5000 Series Processors","version":"unaffected EmbAM4PI 1.0.0.2","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")","version":"unaffected EmbeddedPI-FP5_1.2.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed \"Picasso\")","version":"unaffected EmbeddedPI-FP5_1.2.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V2000 Series Processor","version":"unaffected EmbeddedPI-FP6_1.0.0.8","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V3000 Series Processors","version":"unaffected EmbeddedPI-FP7r2_1002","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ RX 5000 Series Graphics Products","version":"unaffected AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ PRO W5000 Series Graphics Products","version":"unaffected AMD Software: PRO Edition 22.Q2 (22.10.20)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ RX 6000 Series Graphics Products","version":"unaffected AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ PRO W6000 Series Graphics Products","version":"unaffected AMD Software: PRO Edition 22.Q2 (22.10.20)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"MI-25 / 50","version":"unaffected No fix planned","platforms":[]},{"source":"CNA","vendor":"AMD","product":"MI-100","version":"unaffected ROCm 6.4.2","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Instinct™ MI250","version":"unaffected ROCm 7.0","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Instinct™ MI210","version":"unaffected ROCm 7.0","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_3300x_firmware","version":"unaffected comboam4v2_1.2.0.a custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_3300u_firmware","version":"unaffected picassopi-fp5_1.0.0.e custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_pro_3200g_firmware","version":"unaffected comboam4v2_pi_1.2.0.8 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_5_7500f_firmware","version":"unaffected comboam5_1.0.8.0 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_threadripper_pro_3995wx_firmware","version":"unaffected castlepeakpi-sp3r3_1.0.0.8 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_threadripper_pro_3995wx_firmware","version":"unaffected castlepeakwspi-swrx8_1.0.0.a custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_threadripper_pro_5995wx_firmware","version":"unaffected chagallwspi-swrx8_1.0.0.5 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_4300u_firmware","version":"unaffected renoirpi-fp6_1.0.0.a custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_5_6600u_firmware","version":"unaffected rembrandtpi-fp7_1.0.0.5 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_7335u_firmware","version":"unaffected rembrandtpi-fp7_1.0.0.5 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_7_7745hx_firmware","version":"unaffected dragonrangefl1pi_1.0.0.3b custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_5_5600x_firmware","version":"unaffected comboam4v2_pi_1.2.0.8 custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_5300g_firmware","version":"unaffected cezannepi-fp6_1.0.0.c custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"ryzen_3_5425c_firmware","version":"unaffected cezannepi-fp6_1.0.0.c custom","platforms":[]},{"source":"ADP","vendor":"amd","product":"athlon_pro_300ge_firmware","version":"unaffected picassopi-fp5_1.0.0.e custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"affected":[{"cpes":["cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_3300x_firmware","vendor":"amd","versions":[{"lessThan":"comboam4v2_1.2.0.a","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_3300u_firmware","vendor":"amd","versions":[{"lessThan":"picassopi-fp5_1.0.0.e","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_pro_3200g_firmware","vendor":"amd","versions":[{"lessThan":"comboam4v2_pi_1.2.0.8","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_5_7500f_firmware","vendor":"amd","versions":[{"lessThan":"comboam5_1.0.8.0","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_threadripper_pro_3995wx_firmware","vendor":"amd","versions":[{"lessThan":"castlepeakpi-sp3r3_1.0.0.8","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_threadripper_pro_3995wx_firmware","vendor":"amd","versions":[{"lessThan":"castlepeakwspi-swrx8_1.0.0.a","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_threadripper_pro_5995wx_firmware","vendor":"amd","versions":[{"lessThan":"chagallwspi-swrx8_1.0.0.5","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_4300u_firmware","vendor":"amd","versions":[{"lessThan":"renoirpi-fp6_1.0.0.a","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_5_6600u_firmware","vendor":"amd","versions":[{"lessThan":"rembrandtpi-fp7_1.0.0.5","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_7335u_firmware","vendor":"amd","versions":[{"lessThan":"rembrandtpi-fp7_1.0.0.5","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_7_7745hx_firmware","vendor":"amd","versions":[{"lessThan":"dragonrangefl1pi_1.0.0.3b","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_5_5600x_firmware","vendor":"amd","versions":[{"lessThan":"comboam4v2_pi_1.2.0.8","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_5300g_firmware","vendor":"amd","versions":[{"lessThan":"cezannepi-fp6_1.0.0.c","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"ryzen_3_5425c_firmware","vendor":"amd","versions":[{"lessThan":"cezannepi-fp6_1.0.0.c","status":"unaffected","version":"0","versionType":"custom"}]},{"cpes":["cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*","cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*"],"defaultStatus":"affected","product":"athlon_pro_300ge_firmware","vendor":"amd","versions":[{"lessThan":"picassopi-fp5_1.0.0.e","status":"unaffected","version":"0","versionType":"custom"}]}],"metrics":[{"other":{"content":{"id":"CVE-2022-23817","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2024-08-13T17:51:43.434721Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2024-08-16T20:27:19.545Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"affected","product":"AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"PicassoPI-FP5 1.0.0.E"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ChagallWSPI-sWRX8 1.0.0.5"},{"status":"unaffected","version":"CastlePeakWSPI-sWRX8 1.0.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 PI 1.2.0.8"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ChagallWSPI-sWRX8 1.0.0.5"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"RenoirPI-FP6 1.0.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"PicassoPI-FP5 1.0.0.E"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"CezannePI-FP6 1.0.0.C"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 3000 Series Desktop Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4V1 1.0.0.A"},{"status":"unaffected","version":"ComboAM4V2 1.2.0.9"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 2000 Mobile Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 PI 1.2.0.8"},{"status":"unaffected","version":"ComboAM4PI 1.0.0.9"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 4000 Series Desktop Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 PI 1.2.0.8"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 5000 Series Desktop Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 PI 1.2.0.8"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"RembrandtPI-FP7_1.0.0.5"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded R1000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP5_1.2.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded R2000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedR2KPI-FP5 1.0.0.2"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded 5000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbAM4PI 1.0.0.2"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP5_1.2.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed \"Picasso\")","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP5_1.2.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V2000 Series Processor","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP6_1.0.0.8"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V3000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP7r2_1002"}]},{"defaultStatus":"affected","product":"AMD Radeon™ RX 5000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ PRO W5000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: PRO Edition 22.Q2 (22.10.20)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ RX 6000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ PRO W6000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: PRO Edition 22.Q2 (22.10.20)"}]},{"defaultStatus":"affected","product":"MI-25 / 50","vendor":"AMD","versions":[{"status":"unaffected","version":"No fix planned"}]},{"defaultStatus":"affected","product":"MI-100","vendor":"AMD","versions":[{"status":"unaffected","version":"ROCm 6.4.2"}]},{"defaultStatus":"affected","product":"AMD Instinct™ MI250","vendor":"AMD","versions":[{"status":"unaffected","version":"ROCm 7.0"}]},{"defaultStatus":"affected","product":"AMD Instinct™ MI210","vendor":"AMD","versions":[{"status":"unaffected","version":"ROCm 7.0"}]}],"datePublic":"2026-05-15T03:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.<br>"}],"value":"Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":7.3,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20  Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-15T03:03:25.036Z","orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD"},"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"AMD PSIRT Automation 1.0"}}},"cveMetadata":{"assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","assignerShortName":"AMD","cveId":"CVE-2022-23817","datePublished":"2024-08-13T16:51:45.468Z","dateReserved":"2022-01-21T17:14:12.302Z","dateUpdated":"2026-05-15T03:03:25.036Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-08-13 17:15:18","lastModifiedDate":"2026-05-15 05:16:30","problem_types":["CWE-20","CWE-120","CWE-20 CWE-20  Improper Input Validation","CWE-120 CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":{"cvssMetricV40":[{"source":"psirt@amd.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"23817","Ordinal":"1","Title":"CVE-2022-23817","CVE":"CVE-2022-23817","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"23817","Ordinal":"1","NoteData":"Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.","Type":"Description","Title":"CVE-2022-23817"}]}}}