NotCVE - vendor:"Amd" product:"Ryzen 7 5700 Firmware" version:"comboam4v2_pi

7 results (0.005 seconds)

CVSS: 8.1EPSS: 0%CPEs: 144EXPL: 0

CVE-2023-20571

https://notcve.org/view.php?id=CVE-2023-20571

14 Nov 2023 — A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Una condición de ejecución en el código de System Management Mode (SMM) puede permitir que un atacante que utilice un espacio de usuario comprometido aproveche CVE-2018-8897, lo que podría generar una escalada de privilegios. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 144EXPL: 0

CVE-2023-20565

https://notcve.org/view.php?id=CVE-2023-20565

14 Nov 2023 — Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Las protecciones insuficientes en el código del System Management Mode (SMM) pueden permitir que un atacante habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 144EXPL: 0

CVE-2023-20563

https://notcve.org/view.php?id=CVE-2023-20563

CVSS: 10.0EPSS: 0%CPEs: 236EXPL: 0

CVE-2022-23821

https://notcve.org/view.php?id=CVE-2022-23821

14 Nov 2023 — Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. Un control de acceso inadecuado en System Management Mode (SMM) puede permitir que un atacante escriba en la ROM SPI, lo que podría provocar la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 •

CVSS: 10.0EPSS: 0%CPEs: 230EXPL: 0

CVE-2022-23820

https://notcve.org/view.php?id=CVE-2022-23820

14 Nov 2023 — Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. No validar el búfer de comunicación AMD SMM puede permitir que un atacante corrompa la SMRAM, lo que podría provocar la ejecución de código arbitrario. Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 264EXPL: 0

CVE-2023-20555

https://notcve.org/view.php?id=CVE-2023-20555

08 Aug 2023 — Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003 • CWE-787: Out-of-bounds Write •

CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1

CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure

https://notcve.org/view.php?id=CVE-2023-20569

08 Aug 2023 — A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Una vulnerabilidad de canal lateral en algunas de las CPU de AMD puede permitir que un atacante influya en la predicción de la dirección de retorno. Esto puede dar lugar a una ejecución especulativa en una dirección controlada por el atacante, lo que podría conducir a l... • http://www.openwall.com/lists/oss-security/2023/08/08/4 • CWE-203: Observable Discrepancy •