Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20597 | 1 Amd | 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | |||||
| CVE-2023-20594 | 1 Amd | 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | |||||
| CVE-2023-20559 | 1 Amd | 178 Athlon Gold 3150u, Athlon Gold 3150u Firmware, Athlon Silver 3050u and 175 more | 2024-11-21 | N/A | 8.8 HIGH |
| Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. | |||||
| CVE-2023-20558 | 1 Amd | 178 Athlon Gold 3150u, Athlon Gold 3150u Firmware, Athlon Silver 3050u and 175 more | 2024-11-21 | N/A | 8.8 HIGH |
| Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. | |||||
| CVE-2022-29900 | 4 Amd, Debian, Fedoraproject and 1 more | 249 A10-9600p, A10-9600p Firmware, A10-9630p and 246 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | |||||
| CVE-2022-23825 | 4 Amd, Debian, Fedoraproject and 1 more | 249 A10-9600p, A10-9600p Firmware, A10-9630p and 246 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | |||||
| CVE-2022-23824 | 3 Amd, Fedoraproject, Xen | 336 A10-9600p, A10-9600p Firmware, A10-9630p and 333 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | |||||
| CVE-2022-23823 | 1 Amd | 284 A10-9600p, A10-9600p Firmware, A10-9630p and 281 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | |||||
| CVE-2021-46778 | 1 Amd | 358 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 355 more | 2024-11-21 | N/A | 5.6 MEDIUM |
| Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. | |||||
| CVE-2021-46774 | 1 Amd | 274 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 271 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. | |||||
| CVE-2021-26316 | 1 Amd | 294 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 291 more | 2024-11-21 | N/A | 7.8 HIGH |
| Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. | |||||