CPE Details
Advanced Micro Devices (AMD) Ryzen 5600
-
2023-05-17
20h19 +00:00
20h19 +00:00
2023-06-20
11h49 +00:00
11h49 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:h:amd:ryzen_5600:-:*:*:*:*:*:*:*
Informations
Vendor
amdProduct
ryzen_5600Version
-Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
Medium |
||
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
Medium |
||
| A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |
Medium |
||
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | 7.5 |
High |
||
| Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service. | 5.9 |
Medium |
||
| Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution. | 8.8 |
High |
||
| Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. | 7.5 |
High |
||
| Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity. | 6.1 |
Medium |
||
| Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service. | 7.5 |
High |
||
| Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity. | 9.1 |
Critical |
||
| Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity. | 9.1 |
Critical |
||
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | 7.5 |
High |
2025©
tesweb SA
