Vulnerabilities > AMD
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-22 | CVE-2018-8934 | Unspecified vulnerability in AMD Ryzen Firmware and Ryzen PRO Firmware The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | 9.0 |
| 2018-03-22 | CVE-2018-8933 | Incorrect Permission Assignment for Critical Resource vulnerability in AMD Epyc Server Firmware The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3. | 9.0 |
| 2018-03-22 | CVE-2018-8932 | Incorrect Permission Assignment for Critical Resource vulnerability in AMD Ryzen Firmware and Ryzen PRO Firmware The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | 9.0 |
| 2018-03-22 | CVE-2018-8931 | Incorrect Permission Assignment for Critical Resource vulnerability in AMD products The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | 9.0 |
| 2018-03-22 | CVE-2018-8930 | Unspecified vulnerability in AMD products The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | 9.0 |
| 2017-06-07 | CVE-2015-7724 | Link Following vulnerability in AMD Fglrx-Driver 14.4.2/15.7 AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. | 7.8 |
| 2017-06-07 | CVE-2015-7723 | Link Following vulnerability in AMD Fglrx-Driver 14.4.2 AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | 7.8 |
| 2017-03-25 | CVE-2017-7262 | Improper Input Validation vulnerability in AMD Ryzen 20170127 The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite. | 5.5 |
| 2017-02-27 | CVE-2017-5927 | Information Exposure vulnerability in multiple products Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. | 7.5 |
| 2017-02-27 | CVE-2017-5926 | Information Exposure vulnerability in multiple products Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. | 7.5 |