CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

CVE-2022-23825

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

CVE-2022-23824

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.

CVE-2022-23823

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

CVE-2021-26388

Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.

CVE-2021-26373

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.

CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.