CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

amd

ryzen_pro_3900_firmware

6 known vulnerabilities · sorted by CVSS score

CVE-2023-20571

HIGH8.1

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

amd / ryzen_3_5100_firmware+71

Network

Published Nov 14, 2023

CVE-2023-20565

HIGH7.8

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

amd / ryzen_3_5100_firmware+71

Local

Published Nov 14, 2023

CVE-2023-20563

HIGH7.8

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

amd / ryzen_3_5100_firmware+71

Local

Published Nov 14, 2023

CVE-2020-12965

HIGH7.5

When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.

amd / ryzen_pro_5650g_firmware+65

Network

Published Feb 4, 2022

CVE-2021-26346

MEDIUM5.5

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

amd / ryzen_3_3100_firmware+103

Local

Published Jan 11, 2023

CVE-2021-26337

MEDIUM5.5

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests.

amd / ryzen_9_3900x_firmware+111

Local

Published Nov 16, 2021