A12-9730P Firmware Security Vulnerabilities

CVE-2021-26341

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

CVE-2021-26401

LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.

CVE-2022-23823

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

CVE-2022-23824

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.

CVE-2022-23825

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

CVE-2022-27672

When SMT is enabled, certain AMD processors may speculatively execute instructions using a targetfrom the sibling thread after an SMT mode switch potentially resulting in information disclosure.

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.