Amd Amd Ryzen™ Ai Max 300 Series Processors
14 CVEs affecting Amd Amd Ryzen™ Ai Max 300 Series Processors. Latest disclosed: 2026-05-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36353 | Medium | 6.5 | 2025-03-02 | Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss… |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2025-29944 | | 2026-05-15 | A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of servi… | |
CVE-2024-21962 | | 2026-05-15 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation… | |
CVE-2026-0438 | | 2026-05-15 | A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active use… | |
CVE-2026-0432 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arb… | |
CVE-2025-48512 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privi… | |
CVE-2025-0045 | | 2026-05-15 | Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting… | |
CVE-2025-62625 | | 2026-05-14 | Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in un… | |
CVE-2025-62619 | | 2026-05-14 | Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, p… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… | |
CVE-2025-52533 | | 2026-02-12 | Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentia… | |
CVE-2024-36310 | | 2026-02-10 | Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially res… | |
CVE-2025-54514 | | 2026-02-10 | Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of int… |