This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Amd First view 2022-07-14
Product Ryzen 3 3550h Firmware Last view 2023-09-20
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:amd:ryzen_3_3550h_firmware:-:*:*:*:*:*:*:* 5
cpe:2.3:o:amd:ryzen_3_3550h_firmware:comboam4pi_1.0.0.9:*:*:*:*:*:*:* 2
cpe:2.3:o:amd:ryzen_3_3550h_firmware:comboam4v2pi_1.2.0.8:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
5.5 2023-09-20 CVE-2023-20597

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

4.4 2023-09-20 CVE-2023-20594

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

8.8 2023-04-02 CVE-2023-20559

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.

8.8 2023-04-02 CVE-2023-20558

Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.

5.5 2023-01-11 CVE-2021-26346

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

5.6 2022-08-10 CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1†, “Zen 2†and “Zen 3†that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.

7.8 2022-07-14 CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.

CWE : Common Weakness Enumeration

%idName
33% (2) CWE-665 Improper Initialization
16% (1) CWE-787 Out-of-bounds Write
16% (1) CWE-203 Information Exposure Through Discrepancy
16% (1) CWE-190 Integer Overflow or Wraparound
16% (1) CWE-125 Out-of-bounds Read