Vulnerabilities (CVE)

Filtered by vendor Amd Subscribe
Filtered by product Athlon Gold 3150g
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20521 1 Amd 186 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 183 more 2024-06-18 N/A 5.7 MEDIUM
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
CVE-2023-20588 5 Amd, Debian, Fedoraproject and 2 more 78 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 75 more 2024-06-10 N/A 5.5 MEDIUM
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 
CVE-2021-46754 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-13 N/A 9.1 CRITICAL
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity.
CVE-2023-20555 1 Amd 238 Athlon 3015ce, Athlon 3015ce Firmware, Athlon 3015e and 235 more 2024-02-05 N/A 7.8 HIGH
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
CVE-2023-20589 1 Amd 244 4700s, 4700s Firmware, Athlon Gold 3150c and 241 more 2024-02-05 N/A 6.8 MEDIUM
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. 
CVE-2021-46792 1 Amd 110 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 107 more 2024-02-04 N/A 5.9 MEDIUM
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
CVE-2021-46759 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 6.1 MEDIUM
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity.
CVE-2021-46794 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 7.5 HIGH
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVE-2021-46753 1 Amd 132 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 129 more 2024-02-04 N/A 9.1 CRITICAL
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity.
CVE-2021-46749 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 7.5 HIGH
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.