amd Ryzen™ 3000 Series Desktop Processors “Matisse” - 6 CVEs, 1 Versions

CVE-2022-23821

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.

UNKNOWN Nov 14, 2023

CVE-2023-20533

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

MEDIUM Nov 14, 2023

CVE-2022-23820

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.

HIGH Nov 14, 2023

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

MEDIUM Nov 14, 2023

CVE-2023-20597

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

UNKNOWN Sep 20, 2023

CVE-2023-20594

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

UNKNOWN Sep 20, 2023

Ryzen™ 3000 Series Desktop Processors “Matisse”

Versions

various