Preface: The SmmMemLib[.]c library is part of the EDK II (EFI Development Kit II) project, which is an open-source implementation of the UEFI (Unified Extensible Firmware Interface) and PI (Platform Initialization) specifications. This library is specifically used for memory management within System Management Mode (SMM).

Background: The AMD Ryzen processors do not specifically use the SmmMemLib[.]c library. Instead, AMD provides a set of optimized libraries known as the AMD Optimizing CPU Libraries (AOCL), which are designed for high-performance computing and scientific applications. These libraries include various components like AOCL-BLAS, AOCL-LAPACK, AOCL-FFTW, and more. AMD Optimizing CPU Libraries (AOCL) are a set of numerical libraries optimized for AMD “Zen”-based processors, including EPYCTM , RyzenTM ThreadripperTM , and RyzenTM .

Vulnerability details: Analysis by AMD is that a ring 0 attacker could modify boot service tables to point to their own code, potentially resulting in arbitrary code execution. AMD has released mitigations to address this vulnerability. SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.

Official announcement: Please refer to link for details –
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7028.html