Vulnerabilities > AMD > Ryzen Threadripper PRO 5955Wx Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2021-26368 Insufficient Verification of Data Authenticity vulnerability in AMD products
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service.
local
low complexity
amd CWE-345
4.4
2022-05-12 CVE-2021-26351 Improper Input Validation vulnerability in AMD products
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA (Direct Memory Access) read/write from/to invalid DRAM address that could result in denial of service.
local
low complexity
amd CWE-20
5.5
2022-05-11 CVE-2021-26339 Unspecified vulnerability in AMD products
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26373 Improper Input Validation vulnerability in AMD products
Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
local
low complexity
amd CWE-20
5.5
2022-05-11 CVE-2021-26375 Unspecified vulnerability in AMD products
Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26376 Unspecified vulnerability in AMD products
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
local
low complexity
amd
5.5
2022-05-11 CVE-2021-26378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
local
low complexity
amd CWE-119
5.5
2022-05-11 CVE-2021-26388 Out-of-bounds Read vulnerability in AMD products
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
local
low complexity
amd CWE-125
5.5
2022-05-10 CVE-2021-26352 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.
local
low complexity
amd CWE-119
5.5
2022-05-10 CVE-2021-26390 Unspecified vulnerability in AMD products
A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.
local
low complexity
amd
6.2