AMD has disclosed four “potential vulnerabilities” that “may impact” some of its CPUs, including multiple generations of Ryzen desktop processors, such as the latest Ryzen 7000 Series. Some of the affected CPUs, which would include Ryzen 4000 Series Mobile Processors with Radeon Graphics, do not appear to have an AGESA fix yet (“Target Feb 2024”).
CVE details:
Desktop/HEDT products listed include:
- Ryzen 3000 Series
- Ryzen 4000 Series
- Ryzen 5000 Series
- Ryzen 7000 Series
- Athlon 3000 Series
- Threadripper 3000 Series
AMD on the vulnerabilities:
AMD has assessed the researchers’ findings and is publishing CVEs and mitigation recommendations for any issues that were found to impact AMD platforms. AMD believes some of the findings were made on PCs running outdated firmware or software. As always, AMD recommends following security best practices, including keeping operating systems up-to-date and running the latest versions of firmware and software.nds following security best practices, including keeping operating systems up-to-date and running the latest versions of firmware and software.