advanced micro devices inc.

Top products

The 15 most recently published vulnerabilities affecting advanced micro devices inc..

• CVE-2024-21944Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...5.3Jun 10, 2026
• CVE-2025-54518Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially re...7.0May 15, 2026
• CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5Apr 16, 2026
• CVE-2023-20585Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting ...5.3Apr 16, 2026
• CVE-2023-20540Уязвимость компонента AMD Secure Processor микропрограммного обеспечения графических процессоров AMD, позволяющая нарушителю выполнить атаку методом перебора и обойти существующие ограничения безопасности5.2Feb 20, 2026
• CVE-2024-21961Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service atta...6.3Feb 12, 2026
• CVE-2025-52533Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.7.7Feb 12, 2026
• CVE-2024-36311A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potenti...4.2Feb 10, 2026
• CVE-2025-48515Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code ...6.0Feb 10, 2026
• CVE-2021-26410Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of th...5.2Feb 10, 2026
• CVE-2021-26381Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memor...6.4Feb 10, 2026
• CVE-2024-36355Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code ex...5.3Feb 10, 2026
• CVE-2024-36310Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or i...3.4Feb 10, 2026
• CVE-2025-0029Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memor...2.5Feb 10, 2026
• CVE-2025-48514Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.3.2Feb 10, 2026