Amd Ryzen 3 3100 Firmware vulnerabilities
9 known vulnerabilities affecting amd/ryzen_3_3100_firmware.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM7
Vulnerabilities
Page 1 of 1
CVE-2022-23820CRITICALCVSS 9.8vcomboam4_pi_1.0.0.9vcomboam4_v2_pi_1.2.0.82023-11-14
CVE-2022-23820 [HIGH] CWE-20 CVE-2022-23820: Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM pote
Failure to validate the AMD SMM communication buffer
may allow an attacker to corrupt the SMRAM potentially leading to arbitrary
code execution.
nvd
CVE-2022-23821CRITICALCVSS 9.8vcomboam4_pi_1.0.0.9vcomboam4_v2_pi_1.2.0.82023-11-14
CVE-2022-23821 [CRITICAL] CVE-2022-23821: Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM po
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
nvd
CVE-2023-20594MEDIUMCVSS 4.4vcomboam4pi_1.0.0.9vcomboam4v2pi_1.2.0.82023-09-20
CVE-2023-20594 [MEDIUM] CWE-824 CVE-2023-20594: Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
nvd
CVE-2023-20597MEDIUMCVSS 5.5vcomboam4pi_1.0.0.9vcomboam4v2pi_1.2.0.82023-09-20
CVE-2023-20597 [MEDIUM] CWE-824 CVE-2023-20597: Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
nvd
CVE-2021-26373MEDIUMCVSS 5.5fixed in comboam4pi_1.0.0.8fixed in comboam4_v2_pi_1.2.0.6c2022-05-11
CVE-2021-26373 [MEDIUM] CWE-20 CVE-2021-26373: Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunc
Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
nvd
CVE-2021-26388MEDIUMCVSS 5.5fixed in comboam4pi_1.0.0.8fixed in comboam4_v2_pi_1.2.0.6c2022-05-11
CVE-2021-26388 [MEDIUM] CWE-125 CVE-2021-26388: Improper validation of the BIOS directory may allow for searches to read beyond the directory table
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
nvd
CVE-2021-26378MEDIUMCVSS 5.5fixed in comboam4pi_1.0.0.8fixed in comboam4_v2_pi_1.2.0.6c2022-05-11
CVE-2021-26378 [MEDIUM] CWE-119 CVE-2021-26378: Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid add
Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
nvd
CVE-2021-26376MEDIUMCVSS 5.5fixed in comboam4pi_1.0.0.8fixed in comboam4_v2_pi_1.2.0.6c2022-05-11
CVE-2021-26376 [MEDIUM] CVE-2021-26376: Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
nvd
CVE-2021-26375MEDIUMCVSS 5.5fixed in comboam4pi_1.0.0.8fixed in comboam4_v2_pi_1.2.0.6c2022-05-11
CVE-2021-26375 [MEDIUM] CVE-2021-26375: Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in ac
Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
nvd