Amd Ryzen 7030 Series Mobile Processors With Radeon Graphics
Monthly
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.