CVEs (26)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Amd ImaginationtechKhronos132Athlon 3000g Firmware DdkInstinct Mi100 Firmware+129 moreJun 20, 2025 Jan 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures. |
1Amd 1224700s Firmware Athlon Gold 3150c FirmwareAthlon Gold 3150g Firmware+119 moreNov 21, 2024 Aug 8, 2023 N/A· v4 6.8 MEDIUM· v3 N/A· v2 An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary cod...Show more |
5Amd DebianFedoraproject+2 more47Athlon Gold 3150g Firmware Athlon Gold 3150ge FirmwareAthlon Gold Pro 3150g Firmware+44 moreNov 21, 2024 Aug 8, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
|
1Amd 54Amd 3015ce Firmware Amd 3015e FirmwareRyzen 3 2200g Firmware+51 moreJan 28, 2025 May 9, 2023 N/A· v4 8.2 HIGH· v3 N/A· v2 Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents...Show more |
1Amd 104Ryzen 3 3100 Firmware Ryzen 3 3200g FirmwareRyzen 3 3200u Firmware+101 moreApr 9, 2025 Jan 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service. |
3Amd FedoraprojectXen169A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+166 moreNov 21, 2024 Nov 9, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. |
1Amd 67Amd 3015ce Firmware Amd 3015e FirmwareAmd 3020e Firmware+64 moreNov 21, 2024 Nov 9, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of t...Show more |
1Amd 103Amd 3015ce Firmware Amd 3015e FirmwareAmd 3020e Firmware+100 moreNov 21, 2024 Nov 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA. |
1Amd 101Amd 3015ce Firmware Amd 3015e FirmwareAmd 3020e Firmware+98 moreNov 21, 2024 Nov 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. |
1Amd 103Amd 3015ce Firmware Amd 3015e FirmwareAmd 3020e Firmware+100 moreNov 21, 2024 Nov 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. |
1Amd 179Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+176 moreNov 21, 2024 Aug 10, 2022 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the content...Show more |
4Amd DebianFedoraproject+1 more126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 moreNov 21, 2024 Jul 14, 2022 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. |
4Amd DebianFedoraproject+1 more126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 moreNov 21, 2024 Jul 12, 2022 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. |
1Amd 142A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+139 moreNov 21, 2024 Jun 15, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. |
1Amd 70Ryzen 3 2200u Firmware Ryzen 3 2300u FirmwareRyzen 3 3100 Firmware+67 moreNov 21, 2024 May 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. |
1Amd 70Ryzen 3 2200u Firmware Ryzen 3 2300u FirmwareRyzen 3 3100 Firmware+67 moreNov 21, 2024 May 12, 2022 N/A· v4 4.4 MEDIUM· v3 4.9 MEDIUM· v2 Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service...Show more |
1Amd 34Radeon Software Ryzen 3 3100 FirmwareRyzen 3 3300g Firmware+31 moreNov 21, 2024 May 12, 2022 N/A· v4 4.4 MEDIUM· v3 3.6 LOW· v2 A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure. |
1Amd 74Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+71 moreNov 21, 2024 May 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. |
1Amd 50Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+47 moreNov 21, 2024 May 12, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. |
1Amd 63Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+60 moreNov 21, 2024 May 12, 2022 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. |