Ryzen 5 5500 Firmware@* Security Vulnerabilities and Issues — Ryzen 5 5500 Firmware@* CVE List

Lucene search

AmdRyzen 5 5500 Firmware*

13 matches found

CVE•added 2023/08/08 6:15 p.m.•359 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.0065EPSS

CVE•added 2022/05/11 5:15 p.m.•110 views

CVE-2021-26376

Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.

5.5CVSS5.9AI score0.00061EPSS

CVE•added 2022/05/11 5:15 p.m.•91 views

CVE-2021-26388

Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.

5.5CVSS5.8AI score0.00045EPSS

CVE•added 2022/05/11 5:15 p.m.•90 views

CVE-2021-26375

Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.

5.5CVSS5.8AI score0.00063EPSS

CVE•added 2022/05/11 5:15 p.m.•86 views

CVE-2021-26378

Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.

5.5CVSS5.8AI score0.00069EPSS

CVE•added 2022/05/11 5:15 p.m.•83 views

CVE-2021-26373

Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.

5.5CVSS5.9AI score0.00069EPSS

CVE•added 2023/11/14 7:15 p.m.•66 views

CVE-2023-20571

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

8.1CVSS6.8AI score0.21337EPSS

CVE•added 2023/11/14 7:15 p.m.•65 views

CVE-2023-20563

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.0011EPSS

CVE•added 2023/11/14 7:15 p.m.•57 views

CVE-2021-46774

Insufficient DRAM address validation in SystemManagement Unit (SMU) may allow an attacker to read/write from/to an invalidDRAM address, potentially resulting in denial-of-service.

7.5CVSS7.8AI score0.00022EPSS

CVE•added 2023/11/14 7:15 p.m.•56 views

CVE-2023-20533

Insufficient DRAM address validation in SystemManagement Unit (SMU) may allow an attacker to read/write from/to an invalidDRAM address, potentially resulting in denial-of-service.

7.5CVSS7.5AI score0.00033EPSS

CVE•added 2023/08/08 6:15 p.m.•54 views

CVE-2023-20555

Insufficient input validation inCpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwritingan arbitrary bit in an attacker-controlled pointer potentially leading toarbitrary code execution in SMM.

7.8CVSS7.7AI score0.00041EPSS

CVE•added 2023/05/09 7:15 p.m.•52 views

CVE-2021-26356

A TOCTOU in ASP bootloader may allow an attackerto tamper with the SPI ROM following data read to memory potentially resultingin S3 data corruption and information disclosure.

7.4CVSS8.4AI score0.00135EPSS

CVE•added 2023/11/14 7:15 p.m.•52 views

CVE-2023-20565

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.0011EPSS