AMD SMM Callout Privilege Escalation Bug Disclosed For APUs

Written by Michael Larabel in AMD on 18 June 2020 at 08:29 AM EDT. 23 Comments
AMD
AMD has made public "SMM Callout Privilege Escalation" or more formally CVE-2020-12890 as an AGESA vulnerability that could lead to arbitrary code execution on APUs.

The SMM Callout Privilege Escalation impacts mobile/embedded AMD APUs that could lead to arbitrary code execution undetected by the operating system. Affected hardware was launched between 2016 and 2019. AMD is shipping updated AGESA to motherboard vendors for mitigating the issue. Updated AGESA should be out for most systems before the end of the month.

More details on the AMD SMM Callout Privilege Escalation bug via AMD product security.
23 Comments
Related News
AMD Announces Versal Gen 2 Adaptive SoCs - AI Focused & Newer Arm Cores
SolidRun Launches Bedrock R8000 As First Industrial PCs With Ryzen Embedded 8000 Series
AMD Announces Ryzen Embedded 8000 Series With Focus On Industrial AI
AMD XDNA Linux Driver For Ryzen AI, Zen 5 Compiler Support & Other AMD Q1 Highlights
Linux Fixes Botched SRSO Mitigation For AMD Zen 3 / Zen 4
GCC Compiler Adds Support For Device Offloading With AMD RDNA3 APUs (GFX1103)
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives
Ubuntu Maker Canonical Announces New Collaboration With Qualcomm
Fedora 41 Looks To "-O3" Optimizations For Its Python Build
APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
KDE's KWin Merges Wayland Explicit Sync Support
Gentoo Linux Now An SPI Project