Amd: >> Ryzen 7 Pro 7840hs Security Vulnerabilities
Improper
Access Control in the AMD SPI protection feature may allow a user with Ring0
(kernel mode) privileged access to bypass protections potentially resulting in
loss of integrity and availability.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVSS Score
6.5
EPSS Score
0.012
Published
2024-01-16
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-11-14
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-01
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.019
Published
2023-10-17
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08
A potential power side-channel vulnerability in
AMD processors may allow an authenticated attacker to monitor the CPU power
consumption as the data in a cache line changes over time potentially resulting
in a leak of sensitive information.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-08-01
Page 1