Amd ryzen threadripper pro processors
This hub aggregates every CVE we track for Amd ryzen threadripper pro processors, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM7HIGH3
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Amd ryzen threadripper pro processors.
- CVE-2024-21924SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.8.2
- CVE-2022-23829A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.8.2
- CVE-2022-23820Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.7.5
- CVE-2022-27672When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.4.7
- CVE-2022-23824IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.5.5
- CVE-2022-23825Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.6.5
- CVE-2022-29900Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.6.5
- CVE-2022-29901Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)5.6
- CVE-2022-23823A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.6.5
- CVE-2021-26401LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.5.6
Product normalization is registry-driven with AI assist and human review. How it works