Vulnerabilities > AMD > Ryzen 5300G Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-20 | CVE-2023-20594 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
2023-09-20 | CVE-2023-20597 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
2023-05-09 | CVE-2021-46759 | Out-of-bounds Write vulnerability in AMD products Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity. | 6.1 |
2023-05-09 | CVE-2021-46792 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service. | 5.9 |
2022-05-12 | CVE-2021-26368 | Insufficient Verification of Data Authenticity vulnerability in AMD products Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | 4.4 |
2021-11-16 | CVE-2021-26337 | Unspecified vulnerability in AMD products Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. | 5.5 |