CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2023-20521
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
CVE-2021-46754
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity.
CVE-2022-23815
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
CVE-2023-20555
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
CVE-2021-46753
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity.
CVE-2021-46794
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVE-2021-46792
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
CVE-2021-26367
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
CVE-2023-20589
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.
CVE-2021-46759
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential l...
CVE-2021-46749
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.