2023-11-14
|
CVE-2022-23820
|
Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM potentially leading to arbitrary
code execution.
|
Athlon_3015ce_firmware, Athlon_3015e_firmware, Ryzen_3_3100_firmware, Ryzen_3_3300u_firmware, Ryzen_3_3300x_firmware, Ryzen_3_3350u_firmware, Ryzen_3_4300u_firmware, Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_5_3450u_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500c_firmware, Ryzen_5_3500u_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3550h_firmware, Ryzen_5_3580u_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_4500u_firmware, Ryzen_5_4600h_firmware, Ryzen_5_4600hs_firmware, Ryzen_5_4600u_firmware, Ryzen_5_4680u_firmware, Ryzen_5_55003xd_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5500x_firmware, Ryzen_5_5560u_firmware, Ryzen_5_56003xd_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5600x_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_pro_3350g_firmware, Ryzen_5_pro_3350ge_firmware, Ryzen_5_pro_3400g_firmware, Ryzen_5_pro_3400ge_firmware, Ryzen_5_pro_5645_firmware, Ryzen_7_3700c_firmware, Ryzen_7_3700u_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3750h_firmware, Ryzen_7_3780u_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_4700u_firmware, Ryzen_7_4800h_firmware, Ryzen_7_4800hs_firmware, Ryzen_7_4800u_firmware, Ryzen_7_4980u_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5800x_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_pro_5845_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3900xt_firmware, Ryzen_9_3950x_firmware, Ryzen_9_4900h_firmware, Ryzen_9_4900hs_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_pro_5945_firmware, Ryzen_threadripper_2920x_firmware, Ryzen_threadripper_2950x_firmware, Ryzen_threadripper_2970wx_firmware, Ryzen_threadripper_2990wx_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware
|
9.8
|
|
|
2023-11-14
|
CVE-2022-23821
|
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
|
Athlon_3015ce_firmware, Athlon_3015e_firmware, Ryzen_3_3100_firmware, Ryzen_3_3200u_firmware, Ryzen_3_3250c_firmware, Ryzen_3_3250u_firmware, Ryzen_3_3300u_firmware, Ryzen_3_3300x_firmware, Ryzen_3_3350u_firmware, Ryzen_3_4300u_firmware, Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_5_3450u_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500c_firmware, Ryzen_5_3500u_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3550h_firmware, Ryzen_5_3580u_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_4500u_firmware, Ryzen_5_4600h_firmware, Ryzen_5_4600hs_firmware, Ryzen_5_4600u_firmware, Ryzen_5_4680u_firmware, Ryzen_5_55003xd_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5500x_firmware, Ryzen_5_5560u_firmware, Ryzen_5_56003xd_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5600x_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_pro_3350g_firmware, Ryzen_5_pro_3350ge_firmware, Ryzen_5_pro_3400g_firmware, Ryzen_5_pro_3400ge_firmware, Ryzen_5_pro_5645_firmware, Ryzen_7_3700c_firmware, Ryzen_7_3700u_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3750h_firmware, Ryzen_7_3780u_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_4700u_firmware, Ryzen_7_4800h_firmware, Ryzen_7_4800hs_firmware, Ryzen_7_4800u_firmware, Ryzen_7_4980u_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5800x_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_pro_5845_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3900xt_firmware, Ryzen_9_3950x_firmware, Ryzen_9_4900h_firmware, Ryzen_9_4900hs_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_pro_5945_firmware, Ryzen_threadripper_2920x_firmware, Ryzen_threadripper_2950x_firmware, Ryzen_threadripper_2970wx_firmware, Ryzen_threadripper_2990wx_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware
|
9.8
|
|
|
2023-11-14
|
CVE-2023-20565
|
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
|
Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_pro_7330u_firmware, Ryzen_3_pro_7440u_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7500f_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_7600_firmware, Ryzen_5_7600x_firmware, Ryzen_5_pro_7530u_firmware, Ryzen_5_pro_7540u_firmware, Ryzen_5_pro_7545u_firmware, Ryzen_5_pro_7640h_firmware, Ryzen_5_pro_7640hs_firmware, Ryzen_5_pro_7640u_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7700_firmware, Ryzen_7_7700x_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_pro_7730u_firmware, Ryzen_7_pro_7840h_firmware, Ryzen_7_pro_7840hs_firmware, Ryzen_7_pro_7840u_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7900_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7900x_firmware, Ryzen_9_7950x3d_firmware, Ryzen_9_7950x_firmware, Ryzen_9_pro_7940h_firmware, Ryzen_9_pro_7940hs_firmware, Ryzen_pro_3900_firmware, Ryzen_pro_7645_firmware, Ryzen_pro_7745_firmware, Ryzen_pro_7945_firmware
|
7.8
|
|
|
2023-11-14
|
CVE-2023-20563
|
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
|
Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_pro_7330u_firmware, Ryzen_3_pro_7440u_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7500f_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_7600_firmware, Ryzen_5_7600x_firmware, Ryzen_5_pro_7530u_firmware, Ryzen_5_pro_7540u_firmware, Ryzen_5_pro_7545u_firmware, Ryzen_5_pro_7640h_firmware, Ryzen_5_pro_7640hs_firmware, Ryzen_5_pro_7640u_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7700_firmware, Ryzen_7_7700x_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_pro_7730u_firmware, Ryzen_7_pro_7840h_firmware, Ryzen_7_pro_7840hs_firmware, Ryzen_7_pro_7840u_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7900_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7900x_firmware, Ryzen_9_7950x3d_firmware, Ryzen_9_7950x_firmware, Ryzen_9_pro_7940h_firmware, Ryzen_9_pro_7940hs_firmware, Ryzen_pro_3900_firmware, Ryzen_pro_7645_firmware, Ryzen_pro_7745_firmware, Ryzen_pro_7945_firmware
|
7.8
|
|
|
2023-11-14
|
CVE-2021-46758
|
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.
|
Ryzen_3_4300u_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5300u_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_pro_7330u_firmware, Ryzen_5_4500u_firmware, Ryzen_5_4600h_firmware, Ryzen_5_4600hs_firmware, Ryzen_5_4600u_firmware, Ryzen_5_4680u_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5500u_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_pro_7530u_firmware, Ryzen_7_4700u_firmware, Ryzen_7_4800h_firmware, Ryzen_7_4800hs_firmware, Ryzen_7_4800u_firmware, Ryzen_7_4980u_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5700u_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_pro_7730u_firmware, Ryzen_9_4900h_firmware, Ryzen_9_4900hs_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7950x3d_firmware
|
6.1
|
|
|
2023-11-14
|
CVE-2023-20571
|
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
|
Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_pro_7330u_firmware, Ryzen_3_pro_7440u_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7500f_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_7600_firmware, Ryzen_5_7600x_firmware, Ryzen_5_pro_7530u_firmware, Ryzen_5_pro_7540u_firmware, Ryzen_5_pro_7545u_firmware, Ryzen_5_pro_7640h_firmware, Ryzen_5_pro_7640hs_firmware, Ryzen_5_pro_7640u_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7700_firmware, Ryzen_7_7700x_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_pro_7730u_firmware, Ryzen_7_pro_7840h_firmware, Ryzen_7_pro_7840hs_firmware, Ryzen_7_pro_7840u_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7900_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7900x_firmware, Ryzen_9_7950x3d_firmware, Ryzen_9_7950x_firmware, Ryzen_9_pro_7940h_firmware, Ryzen_9_pro_7940hs_firmware, Ryzen_pro_3900_firmware, Ryzen_pro_7645_firmware, Ryzen_pro_7745_firmware, Ryzen_pro_7945_firmware
|
8.1
|
|
|
2023-11-14
|
CVE-2023-20596
|
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
|
Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_7440u_firmware, Ryzen_5_5500h_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7500f_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_7600_firmware, Ryzen_5_7600x_firmware, Ryzen_5_7640h_firmware, Ryzen_5_pro_7540u_firmware, Ryzen_5_pro_7545u_firmware, Ryzen_5_pro_7640hs_firmware, Ryzen_5_pro_7640u_firmware, Ryzen_5_pro_7645_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7700_firmware, Ryzen_7_7700x_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_7840h_firmware, Ryzen_7_pro_7745_firmware, Ryzen_7_pro_7840hs_firmware, Ryzen_7_pro_7840u_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7900_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7900x_firmware, Ryzen_9_7940h_firmware, Ryzen_9_7950x3d_firmware, Ryzen_9_7950x_firmware, Ryzen_9_pro_7940hs_firmware, Ryzen_9_pro_7945_firmware
|
9.8
|
|
|