Ryzen 5300G Firmware
Monthly
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.