Latest amd ryzen 5300g firmware Vulnerabilities

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Epyc 7003 Firmware=milanpi_1.0.0.a
Amd Epyc 7003
Amd Epyc 72f3 Firmware=milanpi_1.0.0.a
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.a
Amd Epyc 7313
and 332 more
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Ryzen 3 3100 Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3100 Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3100
Amd Ryzen 3 3200g Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3200g Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3200g
and 277 more
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 218 more
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 116 more
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 148 more
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 165 more
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300g
Amd Ryzen 5300g Firmware=comboam4v2_pi_1.2.0.5
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300ge
Amd Ryzen 5300ge Firmware=comboam4v2_pi_1.2.0.5
and 239 more
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwri...
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 238 more
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5500
and 218 more
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU ...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 554 more
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked...
Amd Genoa Firmware<05.52.25.0006
Amd Genoa
Amd Hygon 1 Firmware<05.36.26.0016
Amd Hygon 1
Amd Hygon 2 Firmware<05.36.26.0016
Amd Hygon 2
and 76 more
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in...
Amd Ryzen 3 2200u Firmware
Amd Ryzen 3 2200u
Amd Ryzen 3 2300u Firmware
Amd Ryzen 3 2300u
Amd Ryzen 3 3100 Firmware
Amd Ryzen 3 3100
and 134 more
Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.
AMD Radeon Software
Amd Ryzen 3 2200u Firmware
Amd Ryzen 3 2200u
Amd Ryzen 5300g Firmware
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware
and 141 more
A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution.
Amd Ryzen 3 2200u Firmware
Amd Ryzen 3 2200u
Amd Ryzen 3 2300u Firmware
Amd Ryzen 3 2300u
Amd Ryzen 3 3100 Firmware
Amd Ryzen 3 3100
and 134 more
When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.
Amd Ryzen Pro 5650g Firmware
Amd Ryzen Pro 5650g
Amd Ryzen Pro 5650ge Firmware
Amd Ryzen Pro 5650ge
Amd Ryzen Pro 5750g Firmware
Amd Ryzen Pro 5750g
and 252 more
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests.
Amd Epyc 7003 Firmware<milanpi-sp3_1.0.0.4
Amd Epyc 7003
Amd Epyc 7002 Firmware<romepi-sp3_1.0.0.c
Amd Epyc 7002
Amd Epyc 72f3 Firmware<milanpi-sp3_1.0.0.4
Amd Epyc 72f3
and 218 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203