Lucene search

K
AmdRyzen 5 6600hs Firmware*

9 matches found

cve
cve
added 2023/08/08 6:15 p.m.359 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.0065EPSS
cve
cve
added 2024/02/13 8:15 p.m.82 views

CVE-2023-20579

ImproperAccess Control in the AMD SPI protection feature may allow a user with Ring0(kernel mode) privileged access to bypass protections potentially resulting inloss of integrity and availability.

6CVSS6.7AI score0.00005EPSS
cve
cve
added 2023/11/14 7:15 p.m.66 views

CVE-2023-20571

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

8.1CVSS6.8AI score0.21337EPSS
cve
cve
added 2023/11/14 7:15 p.m.65 views

CVE-2023-20563

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.0011EPSS
cve
cve
added 2023/08/08 6:15 p.m.54 views

CVE-2023-20555

Insufficient input validation inCpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwritingan arbitrary bit in an attacker-controlled pointer potentially leading toarbitrary code execution in SMM.

7.8CVSS7.7AI score0.00041EPSS
cve
cve
added 2023/11/14 7:15 p.m.52 views

CVE-2023-20565

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.0011EPSS
cve
cve
added 2023/11/14 7:15 p.m.51 views

CVE-2021-46758

Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.

6.1CVSS6.6AI score0.001EPSS
cve
cve
added 2023/11/14 7:15 p.m.51 views

CVE-2023-20596

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

9.8CVSS9.6AI score0.0053EPSS
cve
cve
added 2023/05/09 7:15 p.m.44 views

CVE-2021-26365

Certain size values in firmware binary headerscould trigger out of bounds reads during signature validation, leading todenial of service or potentially limited leakage of information aboutout-of-bounds memory contents.

8.2CVSS8.7AI score0.00174EPSS