Vulnerabilities (CVE)

Filtered by vendor Amd Subscribe
Filtered by product Ryzen 3300x
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46754 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-13 N/A 9.1 CRITICAL
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity.
CVE-2021-46792 1 Amd 110 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 107 more 2024-02-04 N/A 5.9 MEDIUM
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
CVE-2021-46759 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 6.1 MEDIUM
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity.
CVE-2021-46794 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 7.5 HIGH
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVE-2021-46753 1 Amd 132 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 129 more 2024-02-04 N/A 9.1 CRITICAL
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity.
CVE-2021-46749 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-02-04 N/A 7.5 HIGH
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVE-2021-46755 1 Amd 46 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 43 more 2024-02-04 N/A 7.5 HIGH
Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service.
CVE-2021-46773 1 Amd 126 Ryzen 1200 \(af\), Ryzen 1200 \(af\) Firmware, Ryzen 1600 \(af\) and 123 more 2024-02-04 N/A 8.8 HIGH
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
CVE-2021-46765 1 Amd 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more 2024-02-04 N/A 7.5 HIGH
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.