Ryzen 9 3900x Firmware

ryzen_9_3900x_firmware

Vendor: Amd • 30 CVEs

CVEs (30)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-26317 1Amd 74Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+71 more Nov 21, 2024 May 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.
CVE-2021-26369 1Amd 50Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+47 more Nov 21, 2024 May 12, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.
CVE-2021-26366 1Amd 63Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+60 more Nov 21, 2024 May 12, 2022 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.
CVE-2021-26351 1Amd 49Ryzen 3 3100 Firmware Ryzen 3 3300g FirmwareRyzen 3 3300x Firmware+46 more Nov 21, 2024 May 12, 2022 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service.
CVE-2021-26390 1Amd 37Athlon 300u Firmware Ryzen 3 3200u FirmwareRyzen 3 3300u Firmware+34 more Nov 21, 2024 May 10, 2022 N/A· v4 6.2 MEDIUM· v3 4.9 MEDIUM· v2 A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.
CVE-2021-26352 1Amd 30Ryzen 3 5300g Firmware Ryzen 3 5300ge FirmwareRyzen 5 2600 Firmware+27 more Nov 21, 2024 May 10, 2022 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.
CVE-2021-26401 1Amd 126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 more Nov 21, 2024 Mar 11, 2022 N/A· v4 5.6 MEDIUM· v3 1.9 LOW· v2 LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
CVE-2021-26341 1Amd 126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 more Nov 21, 2024 Mar 11, 2022 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2021-26337 1Amd 112Epyc 7002 Firmware Epyc 7003 FirmwareEpyc 7232p Firmware+109 more Nov 21, 2024 Nov 16, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests.
CVE-2021-26336 1Amd 95Epyc 7002 Firmware Epyc 7003 FirmwareEpyc 7232p Firmware+92 more Nov 21, 2024 Nov 16, 2021 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components.

Previous 12