Amd: >> Ryzen 9 6980hx Firmware >> rembrandtpi-fp7_1.0.0.5 Security Vulnerabilities
Improper
Access Control in the AMD SPI protection feature may allow a user with Ring0
(kernel mode) privileged access to bypass protections potentially resulting in
loss of integrity and availability.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-11-14
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08
Insufficient input validation in
CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting
an arbitrary bit in an attacker-controlled pointer potentially leading to
arbitrary code execution in SMM.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-08
Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-05-09