Amd Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics
21 CVEs affecting Amd Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics. Latest disclosed: 2026-06-01. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2023-20599 | High | 7.9 | 2025-06-10 | Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 re… |
CVE-2024-36354 | High | 7.5 | 2025-09-06 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-comp… |
CVE-2024-21947 | High | 7.5 | 2025-09-06 | Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrar… |
CVE-2021-26344 | High | 7.2 | 2024-08-13 | An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2025-0010 | Medium | 6.1 | 2025-09-06 | An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity… |
CVE-2025-0009 | Medium | 5.5 | 2025-09-06 | A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss… |
CVE-2024-21970 | Medium | 4.4 | 2025-09-06 | Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a l… |
CVE-2021-46750 | Low | 3.0 | 2025-09-06 | Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics m… |
CVE-2021-46747 | | 2026-06-01 | Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (S… | |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2024-21962 | | 2026-05-15 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation… | |
CVE-2022-23826 | | 2026-05-15 | A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially lead… | |
CVE-2025-62625 | | 2026-05-14 | Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in un… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… | |
CVE-2023-31364 | | 2026-02-26 | Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with wr… | |
CVE-2025-52533 | | 2026-02-12 | Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentia… | |
CVE-2024-36320 | | 2026-02-11 | Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and… | |
CVE-2025-29949 | | 2026-02-10 | Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds… |