Filtered by vendor Amd Subscriptions
Filtered by product Ryzen 3100 Firmware Subscriptions
Total 11 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-20597 1 Amd 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more 2024-11-21 5.5 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2023-20594 1 Amd 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more 2024-11-21 4.4 Medium
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVE-2021-46794 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-11-21 7.5 High
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVE-2021-46792 1 Amd 110 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 107 more 2024-11-21 5.9 Medium
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
CVE-2021-46773 1 Amd 126 Ryzen 1200 \(af\), Ryzen 1200 \(af\) Firmware, Ryzen 1600 \(af\) and 123 more 2024-11-21 8.8 High
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.
CVE-2021-46765 1 Amd 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more 2024-11-21 7.5 High
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.
CVE-2021-46759 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-11-21 6.1 Medium
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity.
CVE-2021-46755 1 Amd 46 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 43 more 2024-11-21 7.5 High
Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service.
CVE-2021-46754 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-11-21 9.1 Critical
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity.
CVE-2021-46753 1 Amd 132 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 129 more 2024-11-21 9.1 Critical
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity.
CVE-2021-46749 1 Amd 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more 2024-11-21 7.5 High
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.