Ryzen 5 2700 Firmware Security Vulnerabilities and Issues — Ryzen 5 2700 Firmware CVE List

Lucene search

AmdRyzen 5 2700 Firmware

11 matches found

CVE•added 2022/07/12 7:15 p.m.•319 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

6.5CVSS7.3AI score0.01411EPSS

CVE•added 2022/07/14 8:15 p.m.•316 views

CVE-2022-23825

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

6.5CVSS6.8AI score0.00222EPSS

CVE•added 2022/11/09 9:15 p.m.•207 views

CVE-2022-23824

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.

5.5CVSS5.6AI score0.00024EPSS

CVE•added 2022/06/15 8:15 p.m.•125 views

CVE-2022-23823

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

6.5CVSS6AI score0.00449EPSS

CVE•added 2022/05/10 7:15 p.m.•101 views

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

6.2CVSS6.9AI score0.00137EPSS

CVE•added 2022/05/11 5:15 p.m.•91 views

CVE-2021-26388

Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.

5.5CVSS5.8AI score0.00045EPSS

CVE•added 2022/05/11 5:15 p.m.•83 views

CVE-2021-26373

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.

5.5CVSS5.9AI score0.00069EPSS

CVE•added 2022/05/10 7:15 p.m.•77 views

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.

5.5CVSS6.3AI score0.00135EPSS

CVE•added 2022/07/14 8:15 p.m.•76 views

CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.

7.8CVSS7.9AI score0.00099EPSS

CVE•added 2023/04/02 9:15 p.m.•76 views

CVE-2023-20558

Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.

8.8CVSS8.6AI score0.00255EPSS

CVE•added 2023/04/02 9:15 p.m.•44 views

CVE-2023-20559

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.

8.8CVSS8.6AI score0.00255EPSS