Latest Amd Vulnerabilities

GPU kernel implementations susceptible to memory leak
Apple GPU drivers
Qualcomm GPU drivers
AMD GPU drivers
Imagination GPU drivers
Apple GPU drivers<=3.0.11
Apple GPU drivers<=1.3.224
and 259 more
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
Amd Epyc 7763 Firmware
Amd Epyc 7763
Amd Epyc 7713p Firmware
Amd Epyc 7713p
Amd Epyc 7713 Firmware
Amd Epyc 7713
and 124 more
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 138 more
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 230 more
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
<comboam4v2_pi_1.2.0.8
<comboam4v2_pi_1.2.0.8
<comboam4v2_pi_1.2.0.8
and 116 more
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
Amd Epyc 7763 Firmware<milanpi_1.0.0.b
Amd Epyc 7763
Amd Epyc 7713p Firmware<milanpi_1.0.0.b
Amd Epyc 7713p
Amd Epyc 7713 Firmware<milanpi_1.0.0.b
Amd Epyc 7713
and 124 more
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integ...
Amd Milanpi Firmware<1.0.0.a
Amd Milanpi
Amd Genoapi Firmware<1.0.0.3
Amd Genoapi
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
Amd Epyc 9654p Firmware<genoapi_1.0.0.1
Amd Epyc 9654p
Amd Epyc 9654 Firmware<genoapi_1.0.0.1
Amd Epyc 9654
Amd Epyc 9634 Firmware<genoapi_1.0.0.1
Amd Epyc 9634
and 124 more
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
Amd Epyc 7h12 Firmware<romepi_1.0.0.f
Amd Epyc 7h12
Amd Epyc 7f72 Firmware<romepi_1.0.0.f
Amd Epyc 7f72
Amd Epyc 7f52 Firmware<romepi_1.0.0.f
Amd Epyc 7f52
and 174 more
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Amd Epyc 7232p Firmware<romepi_1.0.0.d
Amd Epyc 7232p
Amd Epyc 7252 Firmware<romepi_1.0.0.d
Amd Epyc 7252
Amd Epyc 7262 Firmware<romepi_1.0.0.d
Amd Epyc 7262
and 166 more
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
Microsoft Windows 10<naplespi_1.0.0.h
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.h
Microsoft Windows 11
and 140 more
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of ...
Microsoft Windows 10<naplespi_1.0.0.h
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.h
Microsoft Windows 11
and 180 more
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 224 more
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Microsoft Windows 10<naplespi_1.0.0.k
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware<naplespi_1.0.0.k
Amd Epyc 7251
Microsoft Windows 11<naplespi_1.0.0.k
Microsoft Windows 11
and 268 more
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
Amd Epyc 9654p Firmware<genoapi_1.0.0.4
Amd Epyc 9654p
Amd Epyc 9654 Firmware<genoapi_1.0.0.4
Amd Epyc 9654
Amd Epyc 9634 Firmware<genoapi_1.0.0.4
Amd Epyc 9634
and 50 more
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
AMD Radeon Software<23.7.1
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 110 more
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potent...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature p...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential d...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Insyde InsydeH2O=05.45.24.0039
Intel B760
Intel C262
Intel C266
Intel Core I3-1305u
Intel Core I3-13100
and 283 more
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addre...
AMD Radeon Software<23.9.2
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 102 more
Improper or unexpected behavior of the INVD in some of AMD CPU's may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of...
Microsoft Windows 10
Microsoft Windows Server 2012 R2
Amd Epyc 7251 Firmware
Amd Epyc 7251
Microsoft Windows 11
Microsoft Windows 11
and 132 more
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in...
Canonical Ubuntu Linux=22.04
Microsoft Windows 10
Intel Core I7-10510u
Intel Core I7-12700k
Intel Core I7-8700
Microsoft Windows 11
and 11 more
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Microsoft Windows Server 2008 R2=comboam4pi_1.0.0.9
Microsoft Windows Server 2008 R2=comboam4v2pi_1.2.0.8
Microsoft Windows Server 2016
Amd Ryzen 3 3200g Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3200g Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3200g
and 277 more
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Epyc 7003 Firmware=milanpi_1.0.0.a
Amd Epyc 7003
Amd Epyc 72f3 Firmware=milanpi_1.0.0.a
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.a
Amd Epyc 7313
and 332 more
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of co...
AMD Ryzen Master<2.11.2.2659
Amd Ryzen Master Monitoring Sdk<august_2023
Microsoft Windows 10
Microsoft Windows 11
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash ...
AMD Ryzen Master<2.11.2.2659
Amd Ryzen Master Monitoring Sdk<august_2023
Microsoft Windows 10
Microsoft Windows 11
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary cod...
Amd Ryzen 3 3300 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300
Microsoft Windows Server 2012 R2<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300x
Amd Ryzen 5 3600 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 5 3600
and 245 more
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. ...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leadi...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security suppor...
AMD Radeon Software
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially lead...
Amd Ryzen 5 Pro 3400g Firmware
Amd Ryzen 5 Pro 3400g
Amd Ryzen 5 3400g Firmware
Amd Ryzen 5 3400g
Amd Ryzen 5 Pro 3400ge Firmware
Amd Ryzen 5 Pro 3400ge
and 238 more
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading ...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak
Debian Debian Linux=11.0
Debian Debian Linux=12.0
Amd Epyc 7351p Firmware
Amd Epyc 7351p
Amd Epyc 7401p Firmware
Amd Epyc 7401p
and 349 more
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially result...
Amd *
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM ...
Amd Epyc 7251 Firmware
Amd Epyc 7251
Amd Epyc 7281 Firmware
Amd Epyc 7281
Amd Epyc 7301 Firmware
Amd Epyc 7301
and 170 more
A use-after-free in AMD Zen2 Processors
Xen Xen=4.15.0
Xen Xen=4.17.0
Xen Xen=4.16.0
Xen Xen=4.14.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 450 more
Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow
Microsoft Azure Virtual Machines
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 729 more
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300g
Amd Ryzen 5300g Firmware=comboam4v2_pi_1.2.0.5
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300ge
Amd Ryzen 5300ge Firmware=comboam4v2_pi_1.2.0.5
and 239 more
Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a po...
Amd Ryzen 5500 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 5500
Amd Ryzen 5500 Firmware=comboam4v2_pi_1.2.0.6
Amd Ryzen 5600 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 5600
Amd Ryzen 5600 Firmware=comboam4v2_pi_1.2.0.6
and 63 more
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive...
Amd Ryzen 3945wx Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3945wx
Amd Ryzen 3955wx Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3955wx
Amd Ryzen 3960x Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3960x
and 22 more
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 148 more
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 116 more
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 165 more
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 218 more
Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service.
Amd Epyc 72f3 Firmware=milanpi_1.0.0.9
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.9
Amd Epyc 7313
Amd Epyc 7313p Firmware=milanpi_1.0.0.9
Amd Epyc 7313p
and 90 more
An attacker with a compromised ASP could possibly send malformed commands to an ASP on another CPU, resulting in an out of bounds write, potentially leading to a loss a loss of integrity.
Amd Epyc 72f3 Firmware=milanpi_1.0.0.5
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.5
Amd Epyc 7313
Amd Epyc 7313p Firmware=milanpi_1.0.0.5
Amd Epyc 7313p
and 90 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203