Latest amd ryzen 5 6600h firmware Vulnerabilities

CVE-2023-4969
GPU kernel implementations susceptible to memory leak
Apple GPU drivers
Qualcomm GPU drivers
AMD GPU drivers
Imagination GPU drivers
Khronos Opencl<=3.0.11
Khronos Vulkan<=1.3.224
and 259 more
CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 138 more
CVE-2023-20565
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20563
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2022-23821
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 230 more
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
Amd Ryzen 7 5700g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 5 5600g
and 116 more
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 224 more
CVE-2023-20589
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially lead...
Amd Ryzen 5 Pro 3400g Firmware
Amd Ryzen 5 Pro 3400g
Amd Ryzen 5 3400g Firmware
Amd Ryzen 5 3400g
Amd Ryzen 5 Pro 3400ge Firmware
Amd Ryzen 5 Pro 3400ge
and 238 more
CVE-2023-20555
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary cod...
Amd Ryzen 3 3300 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300
Amd Ryzen 3 3300x Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300x
Amd Ryzen 5 3600 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 5 3600
and 245 more
CVE-2023-20569
Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow
Microsoft Azure Virtual Machines
Microsoft Windows Server 2008 R2
Microsoft Windows 10=1809
Microsoft Windows 11=21H2
Microsoft Windows 10=22H2
Microsoft Windows Server 2012
and 761 more
CVE-2021-26365
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bo...
Amd Ryzen 5 2400g Firmware
Amd Ryzen 5 2400g
Amd Ryzen 5 2400ge Firmware
Amd Ryzen 5 2400ge
Amd Ryzen 3 2200ge Firmware
Amd Ryzen 3 2200ge
and 102 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203