Amd: >> Ryzen 5 5500 Security Vulnerabilities
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-11-14
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-14
Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM potentially leading to arbitrary
code execution.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-14
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-11-14
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-01
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-09-20
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-09-20
Page 1