Amd Ryzen 7 Pro 7840Hs Firmware vulnerabilities

CVE-2023-20579 [MEDIUM] CWE-284 CVE-2023-20579: Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.

CVE-2023-20596 [CRITICAL] CVE-2023-20596: Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

CVE-2023-20563 [HIGH] CWE-269 CVE-2023-20563: Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially e Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

CVE-2023-20565 [HIGH] CWE-269 CVE-2023-20565: Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially e Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

CVE-2023-20571 [HIGH] CVE-2023-20571: A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

CVE-2023-20569 [MEDIUM] CWE-203 CVE-2023-20569: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the retur A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.