Advanced Micro Devices (AMD) Ryzen 3 3250u Firmware ComboAM4PI 1.0.0.9

CPE Details

Advanced Micro Devices (AMD) Ryzen 3 3250u Firmware ComboAM4PI 1.0.0.9
amd
ryzen_3_3250u_firmware
comboam4pi_1.0.0.9
2023-09-22
16h08 +00:00
2023-09-22
16h08 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:amd:ryzen_3_3250u_firmware:comboam4pi_1.0.0.9:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

ryzen_3_3250u_firmware

Version

comboam4pi_1.0.0.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-23815 2024-08-13 16h51 +00:00 Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
8.2
High
CVE-2023-20521 2023-11-14 18h52 +00:00 TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
5.7
Medium
CVE-2023-20597 2023-09-20 17h32 +00:00 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
5.5
Medium
CVE-2023-20594 2023-09-20 17h27 +00:00 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
4.4
Medium
CVE-2021-26371 2023-05-09 18h59 +00:00 A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
5.5
Medium
CVE-2021-26365 2023-05-09 18h58 +00:00 Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.
8.2
High
CVE-2021-26354 2023-05-09 18h58 +00:00 Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity.
5.5
Medium
CVE-2021-26382 2022-07-14 19h28 +00:00 An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.
4.4
Medium
CVE-2021-26388 2022-05-11 16h29 +00:00 Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
5.5
Medium
CVE-2021-26376 2022-05-11 16h28 +00:00 Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
5.5
Medium
CVE-2021-26373 2022-05-11 16h27 +00:00 Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
5.5
Medium
CVE-2021-26378 2022-05-11 16h23 +00:00 Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
5.5
Medium
CVE-2021-26375 2022-05-11 16h20 +00:00 Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
5.5
Medium