Lucene search
+L
AmdRyzen 5900 Firmware

10 matches found

CVE
CVE
added 2023/09/20 5:32 p.m.85 views

CVE-2023-20597

CVE-2023-20597 concerns improper initialization of variables in the AMD DXE driver, leading to potential local-information disclosure. The vulnerability is discussed across multiple sources (AMD/SB-4007 and related advisories), which describe memory-leak risks in the DXE driver and note mitigatio...

5.5CVSS5.1AI score0.00171EPSS
CVE
CVE
added 2023/05/09 7:0 p.m.75 views

CVE-2021-46754

CVE-2021-46754: Insufficient input validation in the ASP bootloader can allow a compromised UApp/ABL to expose sensitive information to the SMU, risking confidentiality and integrity. AMD-SB-5001 lists this CVE with Medium severity and provides firmware-based mitigations via Platform Initializati...

9.1CVSS9.1AI score0.00565EPSS
CVE
CVE
added 2023/05/09 7:0 p.m.70 views

CVE-2021-46753

CVE-2021-46753 affects the AMD Secure Processor (ASP) sensor fusion hub headers. The issue is described as failure to validate the length fields of these headers, which could allow a malicious UApp or ABL to map the ASP sensor fusion hub region and overwrite data structures, potentially compromis...

9.1CVSS9.1AI score0.0056EPSS
CVE
CVE
added 2023/09/20 5:27 p.m.70 views

CVE-2023-20594

CVE-2023-20594 concerns the AMD DXE driver. The root cause is improper initialization of variables in the DXE driver, which may allow a privileged local user to leak sensitive information. Impact is information disclosure with local access; attack vector is local. The vulnerability affects AMD DX...

4.4CVSS4.3AI score0.00175EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.66 views

CVE-2021-46765

CVE-2021-46765 describes an vulnerability in the AMD Secure Processor (ASP) and AMD System Management Unit (SMU), caused by insufficient input validation in the ASP. The issue can permit an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to...

7.5CVSS7.7AI score0.00616EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.65 views

CVE-2021-46794

CVE-2021-46794 refers to an insufficient bounds check in the AMD Secure Processor (ASP) that may allow an out-of-bounds read in the System Management Interface (SMI) mailbox checksum calculation, triggering a data abort and potentially causing denial of service. Connected documents corroborate th...

7.5CVSS7.8AI score0.00616EPSS
CVE
CVE
added 2023/05/09 7:0 p.m.64 views

CVE-2021-46759

Consolidated details for CVE-2021-46759 show an improper syscall input validation in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE). Attack requires physical access and control of a UApp running under the bootloader to read ASP bootloader memory via a serial port, potentially ...

6.1CVSS6.6AI score0.00284EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.63 views

CVE-2021-46792

The CVE-2021-46792 entry refers to TOCTOU in the BIOS2PSP command within AMD’s AMD Secure Processor (ASP) and related ASP bootloader logic. The described impact is a race that can cause the ASP bootloader to perform out-of-bounds SRAM reads during S3 resume, potentially yielding a denial of servi...

5.9CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2023/05/09 6:59 p.m.58 views

CVE-2021-46749

CVE-2021-46749 corresponds to an out-of-bounds read vulnerability in the AMD Secure Processor (ASP) affecting the System Management Interface (SMI) mailbox checksum calculation, caused by insufficient bounds checking. The vulnerability can trigger a data abort and potentially lead to a denial of ...

7.5CVSS7.8AI score0.00616EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.50 views

CVE-2021-46773

CVE-2021-46773 involves insufficient input validation in the AMD bootloader (ABL) that may allow a privileged attacker to corrupt the AMD Secure Processor (ASP) memory, potentially resulting in loss of integrity or code execution. The connected documents provide concrete details: the vulnerabilit...

8.8CVSS8.8AI score0.00771EPSS