Ryzen 9 4900hs Firmware

ryzen_9_4900hs_firmware

Vendor: Amd • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-4969 3Amd ImaginationtechKhronos 132Athlon 3000g Firmware DdkInstinct Mi100 Firmware+129 more Jun 20, 2025 Jan 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2022-23821 1Amd 108Athlon 3015ce Firmware Athlon 3015e FirmwareRyzen 3 3100 Firmware+105 more Nov 21, 2024 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
CVE-2022-23820 1Amd 105Athlon 3015ce Firmware Athlon 3015e FirmwareRyzen 3 3100 Firmware+102 more Nov 21, 2024 Nov 14, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
CVE-2021-46758 1Amd 61Ryzen 3 4300u Firmware Ryzen 3 5125c FirmwareRyzen 3 5300g Firmware+58 more Nov 21, 2024 Nov 14, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity...Show more Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity. Show less
CVE-2023-20555 1Amd 119Athlon 3015ce Firmware Athlon 3015e FirmwareAthlon Gold 3150c Firmware+116 more Nov 21, 2024 Aug 8, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM....Show more Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. Show less
CVE-2021-46778 1Amd 179Athlon 3050ge Firmware Athlon 3150g FirmwareAthlon 3150ge Firmware+176 more Nov 21, 2024 Aug 10, 2022 N/A· v4 5.6 MEDIUM· v3 N/A· v2 Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the content...Show more Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.Show less
CVE-2021-26401 1Amd 126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 more Nov 21, 2024 Mar 11, 2022 N/A· v4 5.6 MEDIUM· v3 1.9 LOW· v2 LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
CVE-2021-26341 1Amd 126A10 9600p Firmware A10 9630p FirmwareA12 9700p Firmware+123 more Nov 21, 2024 Mar 11, 2022 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.