3rd gen amd epyc

This hub aggregates every CVE we track for 3rd gen amd epyc, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting 3rd gen amd epyc.

• CVE-2024-21944Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...5.3Jun 10, 2026
• CVE-2024-36357A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boun...5.6Jul 8, 2025
• CVE-2024-36350A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.5.6Jul 8, 2025
• CVE-2024-36348A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in informatio...3.8Jul 8, 2025
• CVE-2024-36349A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.3.8Jul 8, 2025
• CVE-2023-31345Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-31343Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-31342Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2024-21925Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.8.2Feb 11, 2025
• CVE-CVE-2024-21944Уязвимость микропрограммного обеспечения процессоров безопасности AMD Secure Processor (ASP), связанная с неправильной проверкой входных данных, позволяющая нарушителю повысить свои привилегия5.3Jan 13, 2025
• CVE-2024-21981Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potenti...5.7Aug 13, 2024
• CVE-2023-31356Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.4.4Aug 13, 2024
• CVE-2023-20591Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting ...6.5Aug 13, 2024
• CVE-2024-21980Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.7.9Aug 5, 2024
• CVE-2024-21978Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.6.0Aug 5, 2024