AMD has revealed a whole host of CPU security flaws

AMD Ryzen 5 7600X processor
(Image credit: Future)

AMD has found, and patched, almost three dozen vulnerabilities in both its consumer and business products. 

In an update on its website, the CPU giant detailed a total of 31 patches for security issue, some of which were high-severity.

Three vulnerabilities affect Ryzen processors, for desktop PC, HEDT, Pro, and Mobile platforms - one of which is listed as high severity, while the other two were medium or low.

EPYC vulnerability

A threat actor could abuse the vulnerabilities through a BIOS hack or an attack on the AMD Secure Processor bootloader. Ryzen 2000-series Pinnacle Ridge desktop chips, 2000- and 5000-series APU product lines, Threadripper 2000- and 3000-series HEDT, and Pro processors, were all said to have been impacted, together with Ryzen 2000-, 3000-, 5000-, 6000-, and Athlon 3000-series mobile chips. 

The remaining 28 flaws were found in the AMD EPYC processors, designed to power its x86 servers. 

Four flaws were found to have been of high severity, three of which allowed arbitrary code execution, while the remaining one allowed writing data, leading to data integrity and data availability losses. The other 15 flaws were ranked as either medium severity or low severity.

Besides the patches for the flaws, the update also lists ASEGA versions with fixes for affected chips. The ASEGA revisions were issued to Original Equipment Manufacturers (OEM), allowing them to address the flaws in BIOS/UEFI. 

As different manufacturers may patch their BIOS at a different speed, it’s impossible to know when each model will be sorted. 

AMD gave credit to a number of tech giants helping with the discovery and the remediation of the flaw, including Google, Apple, and Oracle. Speaking to Tom’s Hardware, the company said it usually discloses these flaws twice a year, once in May, and once in November, but given the size of the recent findings, decided to list them as soon as possible. 

Via: Tom's Hardware

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
AMD logo
AMD patches high severity security flaw affecting Zen chips
AMD Ryzen 5 7600X processor
AMD confirms processor security flaws after Asus patch slips out early
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
Security
Intel slams Nvidia and AMD, claims chip giants have huge numbers of security flaws
MediaTek
MediaTek reveals host of security vulnerabilities, so patch now
An abstract image of a lock against a digital background, denoting cybersecurity.
Apple CPU security issue could let hackers steal user data from browsers
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
The FCC is creating a security council to bolster US defenses against cyberattacks
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Biometrics add another layer of security to passwordless authentication
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Latest in News
Google Gemini Flash 2.0 Images
I tried Gemini's new AI image generation tool - here are 5 ways to get the best art from Google's Flash 2.0
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung Galaxy S26 Ultra could resurrect an intriguing camera feature
Eurocom Raptor X18
At $15,000, this massive 256GB RAM laptop makes Apple's MacBook Pro look affordable, tiny and very, very slow
Cristin Milioti in Black Mirror season 7
Netflix launches trailer for Black Mirror season 7, giving us a look at its first-ever sequel episode and an unexpected returning character
A graphic of the PC Gaming Show
Get ready for a bounty of PC games on June 8, as the PC Gaming show is back
A close up of The Daily podcast from Pocket Casts' web page
‘Podcasting shouldn’t be locked behind walled gardens’: Pocket Casts slams Spotify and makes its web player free to all