Vulnerability Description
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Enterprise Driver | < 22.10.20 |
| Amd | Radeon Pro Software | < 22.q2 |
| Amd | Radeon Software | < 22.5.2 |
| Amd | Radeon Pro W5500 | - |
| Amd | Radeon Pro W5500X | - |
| Amd | Radeon Pro W5700 | - |
| Amd | Radeon Pro W5700X | - |
| Amd | Radeon Rx 5300 | - |
| Amd | Radeon Rx 5300 Xt | - |
| Amd | Radeon Rx 5300M | - |
| Amd | Radeon Rx 5500 | - |
| Amd | Radeon Rx 5500 Xt | - |
| Amd | Radeon Rx 5500M | - |
| Amd | Radeon Rx 5600 | - |
| Amd | Radeon Rx 5600 Xt | - |
| Amd | Radeon Rx 5600M | - |
| Amd | Radeon Rx 5700 | - |
| Amd | Radeon Rx 5700 Xt | - |
| Amd | Radeon Rx 5700M | - |
| Amd | Ryzen 3 2200Ge Firmware | - |
References
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029Vendor Advisory
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029Vendor Advisory
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001
FAQ
What is CVE-2020-12931?
CVE-2020-12931 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
How severe is CVE-2020-12931?
CVE-2020-12931 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-12931?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Enterprise Driver, Amd Radeon Pro Software, Amd Radeon Software, Amd Radeon Pro W5500, Amd Radeon Pro W5500X.