Amd: >> Ryzen Pro 3900 Firmware Security Vulnerabilities
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-11-14
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-01-11
When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-02-04
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-16