A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.

amd / epyc_7763_firmware+83

Local

Published May 11, 2022

CVE-2021-26346

MEDIUM5.5

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

amd / ryzen_3_3100_firmware+103

Local

Published Jan 11, 2023

CVE-2022-27672

MEDIUM4.7

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

amd / athlon_x4_750_firmware+169

Local

Published Mar 1, 2023