Search
Search Results (20 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26346 | 1 Amd | 208 Ryzen 3 3100, Ryzen 3 3100 Firmware, Ryzen 3 3200g and 205 more | 2025-04-09 | 5.5 Medium |
| Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service. | ||||
| CVE-2021-26316 | 1 Amd | 294 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 291 more | 2025-04-09 | 7.8 High |
| Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. | ||||
| CVE-2021-46794 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||
| CVE-2021-46773 | 1 Amd | 126 Ryzen 1200 \(af\), Ryzen 1200 \(af\) Firmware, Ryzen 1600 \(af\) and 123 more | 2025-01-28 | 8.8 High |
| Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution. | ||||
| CVE-2021-46753 | 1 Amd | 132 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 129 more | 2025-01-28 | 9.1 Critical |
| Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity. | ||||
| CVE-2021-46749 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||
| CVE-2021-46759 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-27 | 6.1 Medium |
| Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity. | ||||
| CVE-2023-20571 | 1 Amd | 142 Ryzen 3 5100, Ryzen 3 5100 Firmware, Ryzen 3 5125c and 139 more | 2024-11-21 | 8.1 High |
| A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. | ||||
| CVE-2023-20565 | 1 Amd | 142 Ryzen 3 5100, Ryzen 3 5100 Firmware, Ryzen 3 5125c and 139 more | 2024-11-21 | 7.8 High |
| Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-20563 | 1 Amd | 154 Ryzen 3 5100, Ryzen 3 5100 Firmware, Ryzen 3 5125c and 151 more | 2024-11-21 | 7.8 High |
| Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-46754 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2024-11-21 | 9.1 Critical |
| Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity. | ||||
| CVE-2021-26337 | 1 Amd | 224 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 221 more | 2024-11-21 | 5.5 Medium |
| Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. | ||||
| CVE-2021-26318 | 1 Amd | 10 Athlon, Athlon Firmware, Athlon Pro and 7 more | 2024-11-21 | 4.7 Medium |
| A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information. | ||||
| CVE-2020-12965 | 1 Amd | 126 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 123 more | 2024-11-21 | 7.5 High |
| When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. | ||||
| CVE-2018-8936 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2024-11-21 | N/A |
| The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. | ||||
| CVE-2018-8935 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | N/A |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | ||||
| CVE-2018-8934 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | N/A |
| The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | ||||
| CVE-2018-8932 | 1 Amd | 4 Ryzen, Ryzen Firmware, Ryzen Pro and 1 more | 2024-11-21 | N/A |
| The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | ||||
| CVE-2018-8931 | 1 Amd | 6 Ryzen, Ryzen Firmware, Ryzen Mobile and 3 more | 2024-11-21 | N/A |
| The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | ||||
| CVE-2018-8930 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2024-11-21 | N/A |
| The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | ||||
Page 1 of 1.