Amd: >> Ryzen 5 5500u Firmware >> cezannepi-fp6_1.0.0.b Security Vulnerabilities
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-11-14
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
4.4
EPSS Score
0.001
Published
2023-09-20
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-09-20
Insufficient input validation in
CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting
an arbitrary bit in an attacker-controlled pointer potentially leading to
arbitrary code execution in SMM.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-08
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08