Ryzen 5 Pro 3400g Firmware Security Vulnerabilities and Issues — Ryzen 5 Pro 3400g Firmware CVE List

Lucene search

AmdRyzen 5 Pro 3400g Firmware

11 matches found

CVE•added 2023/08/08 6:15 p.m.•328 views

CVE-2023-20588

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

5.5CVSS6.9AI score0.03997EPSS

CVE•added 2023/11/14 7:15 p.m.•108 views

CVE-2022-23821

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.

9.8CVSS9.5AI score0.00327EPSS

CVE•added 2024/01/16 5:15 p.m.•83 views

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called local memory on various architectures.

6.5CVSS6.2AI score0.02129EPSS

CVE•added 2022/11/09 9:15 p.m.•77 views

CVE-2020-12930

Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.5AI score0.00061EPSS

CVE•added 2022/11/09 9:15 p.m.•75 views

CVE-2021-26393

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confiden...

5.5CVSS6.2AI score0.00077EPSS

CVE•added 2023/01/11 8:15 a.m.•73 views

CVE-2021-26346

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

5.5CVSS6AI score0.00051EPSS

CVE•added 2022/11/09 9:15 p.m.•69 views

CVE-2020-12931

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.3AI score0.00061EPSS

CVE•added 2022/11/09 9:15 p.m.•65 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

7.8CVSS8.1AI score0.00076EPSS

CVE•added 2023/11/14 7:15 p.m.•63 views

CVE-2022-23820

Failure to validate the AMD SMM communication buffermay allow an attacker to corrupt the SMRAM potentially leading to arbitrarycode execution.

9.8CVSS8.5AI score0.00184EPSS

CVE•added 2023/08/08 6:15 p.m.•45 views

CVE-2023-20589

An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.

6.8CVSS6.7AI score0.00083EPSS

CVE•added 2023/05/09 7:15 p.m.•44 views

CVE-2021-26365

Certain size values in firmware binary headerscould trigger out of bounds reads during signature validation, leading todenial of service or potentially limited leakage of information aboutout-of-bounds memory contents.

8.2CVSS8.7AI score0.00174EPSS