AMD Quietly Lists 31 New CPU Vulnerabilities, Issues Patch Guidance


The vulnerabilities include three new variants for the consumer-geared Ryzen desktop PC, HEDT, Pro, and Mobile processors. One of the vulnerabilities is listed as high severity, while the other two are ranked as Medium or Low severity. These vulnerabilities can be exploited through either BIOS hacks or an attack on the AMD Secure Processor (ASP) bootloader.

The vulnerabilities span the Ryzen 2000-series Pinnacle Ridge desktop chips, along with the 2000- and 5000-series APU product lines that come with integrated graphics (Raven Ridge, Cezanne). In addition, AMD's Threadripper 2000- and 3000-series HEDT and Pro processors are also impacted, along with numerous Ryzen 2000-, 3000-, 5000-, 6000- and Athlon 3000-series mobile processors.


Ty for this critical heads-up . From what I understand is I need to wait for the updated bios from my motherboard vendor as I have ryzen 5900 .


Radhey Krishan
3900x, Yes.
5900x, No.
Is there a list that you have, share it here so that the forum members are made aware. I checked the news, not this one but about this threat and could not find anything compiled.
The article had a link to AMD's bulletin, was referring to that.

I'll make it easy for you and others.
N/A means not affected and hence no fix needed.
Ryzen 2000 series is fixed already long back with AGESA (Latest is v1.2.0.7 on most boards since a few months).
3000/5000 series is unaffected as all is N/A
5000G series is affected and will be fixed by upcoming AGESA

Other platforms can be deciphered in the same way.