Ryzen 7 2700 Firmware@- Security Vulnerabilities and Issues — Ryzen 7 2700 Firmware@- CVE List

Lucene search

AmdRyzen 7 2700 Firmware-

14 matches found

CVE•added 2022/03/11 6:15 p.m.•368 views

CVE-2021-26401

LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.

5.6CVSS6.5AI score0.90621EPSS

CVE•added 2022/07/12 7:15 p.m.•314 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.

6.5CVSS7.3AI score0.01411EPSS

CVE•added 2022/07/14 8:15 p.m.•311 views

CVE-2022-23825

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

6.5CVSS6.8AI score0.00222EPSS

CVE•added 2022/03/11 6:15 p.m.•250 views

CVE-2021-26341

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

6.5CVSS7.2AI score0.00052EPSS

CVE•added 2022/11/09 9:15 p.m.•207 views

CVE-2022-23824

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.

5.5CVSS5.6AI score0.00024EPSS

CVE•added 2022/06/15 8:15 p.m.•125 views

CVE-2022-23823

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

6.5CVSS6AI score0.00815EPSS

CVE•added 2022/05/12 7:15 p.m.•108 views

CVE-2021-26368

Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service.

4.9CVSS5.4AI score0.00059EPSS

CVE•added 2022/05/12 6:16 p.m.•87 views

CVE-2021-26366

An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.

7.1CVSS7.1AI score0.00139EPSS

CVE•added 2022/05/12 7:15 p.m.•84 views

CVE-2021-26386

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution.

7.8CVSS8AI score0.00206EPSS

CVE•added 2022/05/12 7:15 p.m.•83 views

CVE-2021-26317

Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.

7.8CVSS8.1AI score0.00206EPSS

CVE•added 2022/05/12 6:16 p.m.•80 views

CVE-2021-26362

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability.

7.1CVSS7.2AI score0.00135EPSS

CVE•added 2022/05/12 6:16 p.m.•74 views

CVE-2021-26361

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

5.5CVSS6AI score0.00139EPSS

CVE•added 2022/05/12 6:16 p.m.•73 views

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2022/08/10 8:15 p.m.•64 views

CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive inform...

5.6CVSS5.7AI score0.00099EPSS