CVE-2023-4969
- EPSS 0.91%
- Published 16.01.2024 17:15:08
- Last modified 20.06.2025 18:15:22
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2021-46758
- EPSS 0.13%
- Published 14.11.2023 19:15:10
- Last modified 21.11.2024 06:34:39
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.
CVE-2022-23820
- EPSS 0.18%
- Published 14.11.2023 19:15:10
- Last modified 21.11.2024 06:49:18
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
CVE-2022-23821
- EPSS 0.34%
- Published 14.11.2023 19:15:10
- Last modified 21.11.2024 06:49:18
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
CVE-2023-20555
- EPSS 0.05%
- Published 08.08.2023 18:15:11
- Last modified 21.11.2024 07:41:06
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.