Advanced Micro Devices (AMD) RYZEN 9 4900HS FIRMWARE -

CPE Details

Advanced Micro Devices (AMD) RYZEN 9 4900HS FIRMWARE -
amd
ryzen_9_4900hs_firmware
-
2022-03-17
12h47 +00:00
2022-03-21
16h41 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

ryzen_9_4900hs_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-4969 2024-01-16 17h01 +00:00 A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
6.5
Medium
CVE-2021-46758 2023-11-14 18h54 +00:00 Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.
6.1
Medium
CVE-2023-20555 2023-08-08 17h07 +00:00 Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
7.8
High
CVE-2021-46778 2022-08-09 20h20 +00:00 Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.
5.6
Medium
CVE-2021-26341 2022-03-11 17h54 +00:00 Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
6.5
Medium
CVE-2021-26401 2022-03-11 17h54 +00:00 LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
5.6
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.