Latest amd ryzen 5 5500u Vulnerabilities

GPU kernel implementations susceptible to memory leak
Apple GPU drivers
Qualcomm GPU drivers
AMD GPU drivers
Imagination GPU drivers
Apple GPU drivers<=3.0.11
Apple GPU drivers<=1.3.224
and 259 more
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
<comboam4v2_pi_1.2.0.8
<comboam4v2_pi_1.2.0.8
<comboam4v2_pi_1.2.0.8
and 116 more
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
AMD Radeon Software<23.7.1
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 110 more
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potent...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature p...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential d...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Insyde InsydeH2O=05.45.24.0039
Intel B760
Intel C262
Intel C266
Intel Core I3-1305u
Intel Core I3-13100
and 283 more
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Microsoft Windows Server 2008 R2=comboam4pi_1.0.0.9
Microsoft Windows Server 2008 R2=comboam4v2pi_1.2.0.8
Microsoft Windows Server 2016
Amd Ryzen 3 3200g Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3200g Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3200g
and 277 more
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Epyc 7003 Firmware=milanpi_1.0.0.a
Amd Epyc 7003
Amd Epyc 72f3 Firmware=milanpi_1.0.0.a
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.a
Amd Epyc 7313
and 332 more
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary cod...
Amd Ryzen 3 3300 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300
Microsoft Windows Server 2012 R2<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300x
Amd Ryzen 5 3600 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 5 3600
and 245 more
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially lead...
Amd Ryzen 5 Pro 3400g Firmware
Amd Ryzen 5 Pro 3400g
Amd Ryzen 5 3400g Firmware
Amd Ryzen 5 3400g
Amd Ryzen 5 Pro 3400ge Firmware
Amd Ryzen 5 Pro 3400ge
and 238 more
A use-after-free in AMD Zen2 Processors
Xen Xen=4.15.0
Xen Xen=4.17.0
Xen Xen=4.16.0
Xen Xen=4.14.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 450 more
Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow
Microsoft Azure Virtual Machines
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 729 more
Amd Ryzen 5 2400g Firmware
Amd Ryzen 5 2400g
Amd Ryzen 5 2400ge Firmware
Amd Ryzen 5 2400ge
Amd Ryzen 3 2200ge Firmware
Amd Ryzen 3 2200ge
and 102 more
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss...
Amd Epyc 7773x Firmware<milanpi_1.0.0.6
Amd Epyc 7773x
Amd Epyc 7763 Firmware<milanpi_1.0.0.6
Amd Epyc 7763
Amd Epyc 7713p Firmware<milanpi_1.0.0.6
Amd Epyc 7713p
and 298 more
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
Amd Athlon X4 750 Firmware
Amd Athlon X4 750
Amd Athlon X4 760k Firmware
Amd Athlon X4 760k
Amd Athlon X4 830 Firmware
Amd Athlon X4 830
and 809 more
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code ex...
Amd Epyc 7h12 Firmware<romepi_1.0.0.d
Amd Epyc 7h12
Amd Epyc 7f72 Firmware<romepi_1.0.0.d
Amd Epyc 7f72
Amd Epyc 7f52 Firmware<romepi_1.0.0.d
Amd Epyc 7f52
and 288 more
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential ...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016
Amd Ryzen 3 3200g Firmware
Amd Ryzen 3 3200g
Microsoft Windows Server 2008 R2
Microsoft Windows 10
and 202 more
Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.
Amd Enterprise Driver<22.10.20
Amd Radeon Pro Software<22.q2
AMD Radeon Software<22.5.2
Amd Radeon Pro W5500
Amd Radeon Pro W5500x
Amd Radeon Pro W5700
and 92 more
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
Amd Enterprise Driver<22.10.20
Amd Radeon Pro Software<22.q2
AMD Radeon Software<22.5.2
Amd Radeon Pro W5500
Amd Radeon Pro W5500x
Amd Radeon Pro W5700
and 424 more
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
Amd Enterprise Driver<22.10.20
Amd Radeon Pro Software<22.q2
AMD Radeon Software<22.5.2
Amd Radeon Pro W5500
Amd Radeon Pro W5500x
Amd Radeon Pro W5700
and 432 more
Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a...
Amd Enterprise Driver<22.10.20
Amd Radeon Pro Software<22.q2
AMD Radeon Software<22.5.2
Amd Radeon Pro W5500
Amd Radeon Pro W5500x
Amd Radeon Pro W5700
and 498 more
Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially pois...
Amd Enterprise Driver<22.10.20
Amd Radeon Pro Software<22.q2
AMD Radeon Software<22.5.2
Amd Radeon Pro W5500
Amd Radeon Pro W5500x
Amd Radeon Pro W5700
and 354 more
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By m...
Amd Athlon 3050ge Firmware
Amd Athlon 3050ge
Amd Athlon 3150g Firmware
Amd Athlon 3150g
Amd Athlon 3150ge Firmware
Amd Athlon 3150ge
and 352 more
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
Amd Epyc 7232p Firmware<romepi-sp3_1.0.0.d
Amd Epyc 7232p
Amd Epyc 7302p Firmware<romepi-sp3_1.0.0.d
Amd Epyc 7302p
Amd Epyc 7402p Firmware<romepi-sp3_1.0.0.d
Amd Epyc 7402p
and 255 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203