Ryzen 3 5300u Firmware@- Security Vulnerabilities and Issues — Ryzen 3 5300u Firmware@- CVE List

Lucene search

AmdRyzen 3 5300u Firmware-

12 matches found

CVE•added 2023/07/24 8:15 p.m.•297 views

CVE-2023-20593

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

5.5CVSS7.2AI score0.0632EPSS

CVE•added 2023/03/01 8:15 a.m.•191 views

CVE-2022-27672

When SMT is enabled, certain AMD processors may speculatively execute instructions using a targetfrom the sibling thread after an SMT mode switch potentially resulting in information disclosure.

4.7CVSS6.2AI score0.00115EPSS

CVE•added 2023/01/11 8:15 a.m.•110 views

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

7.8CVSS8AI score0.00075EPSS

CVE•added 2024/01/16 5:15 p.m.•83 views

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called local memory on various architectures.

6.5CVSS6.2AI score0.02129EPSS

CVE•added 2022/11/09 9:15 p.m.•77 views

CVE-2020-12930

Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.5AI score0.00061EPSS

CVE•added 2022/11/09 9:15 p.m.•75 views

CVE-2021-26393

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confiden...

5.5CVSS6.2AI score0.00077EPSS

CVE•added 2023/01/11 8:15 a.m.•73 views

CVE-2021-26346

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

5.5CVSS6AI score0.00051EPSS

CVE•added 2022/11/09 9:15 p.m.•69 views

CVE-2020-12931

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.3AI score0.00061EPSS

CVE•added 2022/11/09 9:15 p.m.•65 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

7.8CVSS8.1AI score0.00076EPSS

CVE•added 2022/08/10 8:15 p.m.•64 views

CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive inform...

5.6CVSS5.7AI score0.00099EPSS

CVE•added 2022/11/09 9:15 p.m.•62 views

CVE-2021-26391

Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.

7.8CVSS7.9AI score0.00026EPSS

CVE•added 2023/08/08 6:15 p.m.•45 views

CVE-2023-20589

An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.

6.8CVSS6.7AI score0.00083EPSS