Ryzen 3 5300ge Firmware@- Security Vulnerabilities and Issues — Ryzen 3 5300ge Firmware@- CVE List

Lucene search

AmdRyzen 3 5300ge Firmware-

13 matches found

CVE•added 2023/01/11 8:15 a.m.•110 views

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

7.8CVSS8AI score0.00075EPSS

CVE•added 2022/05/10 7:15 p.m.•101 views

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

6.2CVSS6.9AI score0.00137EPSS

CVE•added 2024/01/16 5:15 p.m.•83 views

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called local memory on various architectures.

6.5CVSS6.2AI score0.02129EPSS

CVE•added 2022/11/09 9:15 p.m.•77 views

CVE-2020-12930

Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.5AI score0.00061EPSS

CVE•added 2022/05/10 7:15 p.m.•77 views

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.

5.5CVSS6.3AI score0.00135EPSS

CVE•added 2022/11/09 9:15 p.m.•75 views

CVE-2021-26393

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confiden...

5.5CVSS6.2AI score0.00077EPSS

CVE•added 2023/01/11 8:15 a.m.•73 views

CVE-2021-26346

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

5.5CVSS6AI score0.00051EPSS

CVE•added 2022/11/09 9:15 p.m.•69 views

CVE-2020-12931

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.3AI score0.00061EPSS

CVE•added 2023/05/09 7:15 p.m.•67 views

CVE-2021-26354

Insufficient bounds checking in ASP may allow anattacker to issue a system call from a compromised ABL which may causearbitrary memory values to be initialized to zero, potentially leading to aloss of integrity.

5.5CVSS7.2AI score0.00044EPSS

CVE•added 2022/11/09 9:15 p.m.•65 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

7.8CVSS8.1AI score0.00076EPSS

CVE•added 2022/08/10 8:15 p.m.•64 views

CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive inform...

5.6CVSS5.7AI score0.00099EPSS

CVE•added 2022/11/09 9:15 p.m.•62 views

CVE-2021-26391

Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.

7.8CVSS7.9AI score0.00026EPSS

CVE•added 2023/08/08 6:15 p.m.•45 views

CVE-2023-20589

An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.

6.8CVSS6.7AI score0.00083EPSS