Latest Amd Vulnerabilities

CVE-2023-4969
GPU kernel implementations susceptible to memory leak
Apple GPU drivers
Qualcomm GPU drivers
AMD GPU drivers
Imagination GPU drivers
Khronos Opencl<=3.0.11
Khronos Vulkan<=1.3.224
and 259 more
CVE-2023-20573
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
Amd Epyc 7763 Firmware
Amd Epyc 7763
Amd Epyc 7713p Firmware
Amd Epyc 7713p
Amd Epyc 7713 Firmware
Amd Epyc 7713
and 124 more
CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 138 more
CVE-2023-20565
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20563
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2022-23821
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 230 more
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
Amd Ryzen 7 5700g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 5 5600g
and 116 more
CVE-2023-20566
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
Amd Epyc 7763 Firmware<milanpi_1.0.0.b
Amd Epyc 7763
Amd Epyc 7713p Firmware<milanpi_1.0.0.b
Amd Epyc 7713p
Amd Epyc 7713 Firmware<milanpi_1.0.0.b
Amd Epyc 7713
and 124 more
CVE-2023-20519
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integ...
Amd Milanpi Firmware<1.0.0.a
Amd Milanpi
Amd Genoapi Firmware<1.0.0.3
Amd Genoapi
CVE-2022-23830
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
Amd Epyc 9654p Firmware<genoapi_1.0.0.1
Amd Epyc 9654p
Amd Epyc 9654 Firmware<genoapi_1.0.0.1
Amd Epyc 9654
Amd Epyc 9634 Firmware<genoapi_1.0.0.1
Amd Epyc 9634
and 124 more
CVE-2021-26345
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
Amd Epyc 7h12 Firmware<romepi_1.0.0.f
Amd Epyc 7h12
Amd Epyc 7f72 Firmware<romepi_1.0.0.f
Amd Epyc 7f72
Amd Epyc 7f52 Firmware<romepi_1.0.0.f
Amd Epyc 7f52
and 174 more
CVE-2023-20533
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Amd Epyc 7232p Firmware<romepi_1.0.0.d
Amd Epyc 7232p
Amd Epyc 7252 Firmware<romepi_1.0.0.d
Amd Epyc 7252
Amd Epyc 7262 Firmware<romepi_1.0.0.d
Amd Epyc 7262
and 166 more
CVE-2023-20526
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
Amd Epyc 7001 Firmware<naplespi_1.0.0.h
Amd Epyc 7001
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Amd Epyc 7261 Firmware<naplespi_1.0.0.h
Amd Epyc 7261
and 140 more
CVE-2023-20521
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of ...
Amd Epyc 7001 Firmware<naplespi_1.0.0.h
Amd Epyc 7001
Amd Epyc 7251 Firmware<naplespi_1.0.0.h
Amd Epyc 7251
Amd Epyc 7261 Firmware<naplespi_1.0.0.h
Amd Epyc 7261
and 180 more
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 224 more
CVE-2021-46774
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
Amd Epyc 7001 Firmware<naplespi_1.0.0.k
Amd Epyc 7001
Amd Epyc 7251 Firmware<naplespi_1.0.0.k
Amd Epyc 7251
Amd Epyc 7261 Firmware<naplespi_1.0.0.k
Amd Epyc 7261
and 268 more
CVE-2021-46766
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
Amd Epyc 9654p Firmware<genoapi_1.0.0.4
Amd Epyc 9654p
Amd Epyc 9654 Firmware<genoapi_1.0.0.4
Amd Epyc 9654
Amd Epyc 9634 Firmware<genoapi_1.0.0.4
Amd Epyc 9634
and 50 more
CVE-2023-31320
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
AMD Radeon Software<23.7.1
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 110 more
CVE-2023-20568
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potent...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2023-20567
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature p...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2021-46748
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential d...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2023-39281
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Insyde InsydeH2O=05.45.24.0039
Intel B760
Intel C262
Intel C266
Intel Core I3-1305u
Intel Core I3-13100
and 283 more
CVE-2023-20598
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addre...
AMD Radeon Software<23.9.2
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 102 more
CVE-2023-20592
Improper or unexpected behavior of the INVD in some of AMD CPU's may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of...
Amd Epyc 7001 Firmware
Amd Epyc 7001
Amd Epyc 7251 Firmware
Amd Epyc 7251
Amd Epyc 7261 Firmware
Amd Epyc 7261
and 132 more
CVE-2023-44216
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in...
Canonical Ubuntu Linux=22.04
Amd Ryzen 7 4800u
Intel Core I7-10510u
Intel Core I7-12700k
Intel Core I7-8700
Microsoft Windows 11
and 11 more
CVE-2023-20597
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Ryzen 3 3100 Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3100 Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3100
Amd Ryzen 3 3200g Firmware=comboam4pi_1.0.0.9
Amd Ryzen 3 3200g Firmware=comboam4v2pi_1.2.0.8
Amd Ryzen 3 3200g
and 277 more
CVE-2023-20594
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Amd Epyc 7003 Firmware=milanpi_1.0.0.a
Amd Epyc 7003
Amd Epyc 72f3 Firmware=milanpi_1.0.0.a
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.a
Amd Epyc 7313
and 332 more
CVE-2023-20564
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of co...
AMD Ryzen Master<2.11.2.2659
Amd Ryzen Master Monitoring Sdk<august_2023
Microsoft Windows 10
Microsoft Windows 11
CVE-2023-20560
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash ...
AMD Ryzen Master<2.11.2.2659
Amd Ryzen Master Monitoring Sdk<august_2023
Microsoft Windows 10
Microsoft Windows 11
CVE-2023-20561
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leadi...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
CVE-2023-20586
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security suppor...
AMD Radeon Software
CVE-2023-20562
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. ...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
CVE-2023-20555
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary cod...
Amd Ryzen 3 3300 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300
Amd Ryzen 3 3300x Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 3 3300x
Amd Ryzen 5 3600 Firmware<comboam4_pi_v1_1.0.0.a
Amd Ryzen 5 3600
and 245 more
CVE-2023-20556
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD ?Prof may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading ...
Amd Amd Uprof<4.1.396
Microsoft Windows
Amd Amd Uprof<4.1-424
Linux Linux kernel
CVE-2023-20589
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially lead...
Amd Ryzen 5 Pro 3400g Firmware
Amd Ryzen 5 Pro 3400g
Amd Ryzen 5 3400g Firmware
Amd Ryzen 5 3400g
Amd Ryzen 5 Pro 3400ge Firmware
Amd Ryzen 5 Pro 3400ge
and 238 more
CVE-2023-20588
Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak
Debian Debian Linux=11.0
Debian Debian Linux=12.0
Amd Epyc 7351p Firmware
Amd Epyc 7351p
Amd Epyc 7401p Firmware
Amd Epyc 7401p
and 349 more
CVE-2023-20583
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially result...
Amd *
CVE-2023-20575
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM ...
Amd Epyc 7251 Firmware
Amd Epyc 7251
Amd Epyc 7281 Firmware
Amd Epyc 7281
Amd Epyc 7301 Firmware
Amd Epyc 7301
and 170 more
CVE-2023-20593
A use-after-free in AMD Zen2 Processors
Xen Xen=4.15.0
Xen Xen=4.17.0
Xen Xen=4.16.0
Xen Xen=4.14.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 450 more
CVE-2023-20569
Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow
Microsoft Azure Virtual Machines
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 729 more
CVE-2021-46792
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 148 more
CVE-2021-46765
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 116 more
CVE-2021-46773
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
Amd Ryzen 6600h Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600h
Amd Ryzen 6600hs Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600hs
Amd Ryzen 6600u Firmware=rembrandtpi-fp7_1.0.0.5
Amd Ryzen 6600u
and 165 more
CVE-2021-46759
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300g
Amd Ryzen 5300g Firmware=comboam4v2_pi_1.2.0.5
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.8
Amd Ryzen 5300ge
Amd Ryzen 5300ge Firmware=comboam4v2_pi_1.2.0.5
and 239 more
CVE-2021-46756
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the boot...
Amd Epyc 72f3 Firmware=milanpi_1.0.0.9
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.9
Amd Epyc 7313
Amd Epyc 7313p Firmware=milanpi_1.0.0.9
Amd Epyc 7313p
and 120 more
CVE-2021-46755
Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a po...
Amd Ryzen 5500 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 5500
Amd Ryzen 5500 Firmware=comboam4v2_pi_1.2.0.6
Amd Ryzen 5600 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 5600
Amd Ryzen 5600 Firmware=comboam4v2_pi_1.2.0.6
and 63 more
CVE-2021-46760
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive...
Amd Ryzen 3945wx Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3945wx
Amd Ryzen 3955wx Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3955wx
Amd Ryzen 3960x Firmware=castlepeakwspi-swrx8_1.0.0.9
Amd Ryzen 3960x
and 22 more
CVE-2021-46794
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a...
Amd Ryzen 5300g Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300g
Amd Ryzen 5300ge Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5300ge
Amd Ryzen 5500 Firmware=cezannepi-fp6_1.0.0.6
Amd Ryzen 5500
and 218 more
CVE-2021-46769
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution.
Amd Epyc 72f3 Firmware=milanpi_1.0.0.9
Amd Epyc 72f3
Amd Epyc 7313 Firmware=milanpi_1.0.0.9
Amd Epyc 7313
Amd Epyc 7313p Firmware=milanpi_1.0.0.9
Amd Epyc 7313p
and 90 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203