Amd Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics
11 CVEs affecting Amd Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics. Latest disclosed: 2024-08-13. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-23829 | High | 8.2 | 2024-06-18 | A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode… |
CVE-2023-31315 | High | 7.5 | 2024-08-09 | Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled… |
CVE-2021-26344 | High | 7.2 | 2024-08-13 | An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2024-21981 | Medium | 5.7 | 2024-08-13 | Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to ex… |
CVE-2021-26367 | Medium | 5.7 | 2024-08-13 | A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, pot… |
CVE-2021-46746 | Medium | 5.2 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing key… |
CVE-2021-46772 | Low | 3.9 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI… |
CVE-2021-26387 | Low | 3.9 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions… |
CVE-2023-20518 | Low | 1.9 | 2024-08-13 | Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfil… |
CVE-2023-20579 | | 2024-02-13 | Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulti… |