Amd Amd Ryzen™ 4000 Series Desktop Processors
31 CVEs affecting Amd Amd Ryzen™ 4000 Series Desktop Processors. Latest disclosed: 2026-06-01. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2024-36352 | High | 8.4 | 2025-09-06 | Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or… |
CVE-2021-26383 | High | 7.9 | 2025-09-05 | Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed… |
CVE-2024-36354 | High | 7.5 | 2025-09-06 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-comp… |
CVE-2024-21947 | High | 7.5 | 2025-09-06 | Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrar… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2024-36353 | Medium | 6.5 | 2025-03-02 | Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss… |
CVE-2025-0010 | Medium | 6.1 | 2025-09-06 | An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity… |
CVE-2025-0009 | Medium | 5.5 | 2025-09-06 | A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss… |
CVE-2021-26377 | Medium | 4.1 | 2025-09-06 | Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer over… |
CVE-2021-46750 | Low | 3.0 | 2025-09-06 | Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics m… |
CVE-2023-31326 | Low | 2.8 | 2025-09-06 | Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially lead… |
CVE-2023-31330 | Low | 2.5 | 2025-09-06 | An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss… |
CVE-2021-46747 | | 2026-06-01 | Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (S… | |
CVE-2025-54518 | | 2026-05-15 | Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a dif… | |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2024-21962 | | 2026-05-15 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation… | |
CVE-2023-31316 | | 2026-05-15 | Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker… | |
CVE-2021-26380 | | 2026-05-15 | A compromised Trusted OS (TOS) driver could issue a malformed call that could potentially allow memory access outside the intended range resulting in loss of… | |
CVE-2026-0432 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arb… |