Amd Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics
23 CVEs affecting Amd Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics. Latest disclosed: 2025-09-06. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0179 | High | 8.2 | 2025-02-11 | SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in ar… |
CVE-2024-21925 | High | 8.2 | 2025-02-11 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. |
CVE-2023-31345 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31343 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31342 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2021-26344 | High | 7.2 | 2024-08-13 | An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2024-36347 | Medium | 6.4 | 2025-06-27 | Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, pot… |
CVE-2023-20515 | Medium | 5.7 | 2025-02-11 | Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integri… |
CVE-2021-26367 | Medium | 5.7 | 2024-08-13 | A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, pot… |
CVE-2024-36357 | Medium | 5.6 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensit… |
CVE-2024-36350 | Medium | 5.6 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of pr… |
CVE-2025-0009 | Medium | 5.5 | 2025-09-06 | A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss… |
CVE-2024-21971 | Medium | 5.5 | 2025-02-12 | Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an oper… |
CVE-2021-46746 | Medium | 5.2 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing key… |
CVE-2023-20508 | Medium | 5.0 | 2025-02-11 | Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, pot… |
CVE-2021-26377 | Medium | 4.1 | 2025-09-06 | Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer over… |
CVE-2021-46772 | Low | 3.9 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI… |
CVE-2021-26387 | Low | 3.9 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions… |
CVE-2023-31331 | Low | 3.0 | 2025-02-11 | Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption… |