Filtered by vendor Amd
Subscribe
Total
232 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23831 | 4 Amd, Freebsd, Linux and 1 more | 4 Amd Uprof, Freebsd, Linux Kernel and 1 more | 2024-02-04 | N/A | 7.5 HIGH |
| Insufficient validation of the IOCTL input buffer in AMD ?Prof may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service. | |||||
| CVE-2022-27673 | 1 Amd | 1 Amd Link | 2024-02-04 | N/A | 7.5 HIGH |
| Insufficient access controls in the AMD Link Android app may potentially result in information disclosure. | |||||
| CVE-2021-26350 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-02-04 | 1.9 LOW | 4.7 MEDIUM |
| A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. | |||||
| CVE-2022-23823 | 1 Amd | 284 A10-9600p, A10-9600p Firmware, A10-9630p and 281 more | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | |||||
| CVE-2021-46744 | 1 Amd | 198 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 195 more | 2024-02-04 | 2.1 LOW | 6.5 MEDIUM |
| An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. | |||||
| CVE-2021-26364 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. | |||||
| CVE-2021-26373 | 1 Amd | 175 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 172 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. | |||||
| CVE-2021-26362 | 1 Amd | 71 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 68 more | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
| A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability. | |||||
| CVE-2021-26349 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | |||||
| CVE-2021-26347 | 1 Amd | 98 Epyc 7002, Epyc 7002 Firmware, Epyc 7232p and 95 more | 2024-02-04 | 4.7 MEDIUM | 4.7 MEDIUM |
| Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service. | |||||
| CVE-2021-26368 | 1 Amd | 140 Ryzen 3 2200u, Ryzen 3 2200u Firmware, Ryzen 3 2300u and 137 more | 2024-02-04 | 4.9 MEDIUM | 4.4 MEDIUM |
| Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | |||||
| CVE-2021-26378 | 1 Amd | 167 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 164 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | |||||
| CVE-2021-26370 | 1 Amd | 98 Epyc 7002, Epyc 7002 Firmware, Epyc 7232p and 95 more | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
| Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability. | |||||
| CVE-2021-26408 | 1 Amd | 76 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 73 more | 2024-02-04 | 6.6 MEDIUM | 7.1 HIGH |
| Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality. | |||||
| CVE-2021-26375 | 1 Amd | 167 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 164 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. | |||||
| CVE-2021-26361 | 1 Amd | 71 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 68 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure. | |||||
| CVE-2021-26352 | 1 Amd | 60 Ryzen 3 5300g, Ryzen 3 5300g Firmware, Ryzen 3 5300ge and 57 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service. | |||||
| CVE-2021-26386 | 1 Amd | 140 Ryzen 3 2200u, Ryzen 3 2200u Firmware, Ryzen 3 2300u and 137 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. | |||||
| CVE-2021-44850 | 1 Amd | 20 Xilinx Z-7007s, Xilinx Z-7007s Firmware, Xilinx Z-7010 and 17 more | 2024-02-04 | 4.6 MEDIUM | 6.8 MEDIUM |
| On Xilinx Zynq-7000 SoC devices, physical modification of an SD boot image allows for a buffer overflow attack in the ROM. Because the Zynq-7000's boot image header is unencrypted and unauthenticated before use, an attacker can modify the boot header stored on an SD card so that a secure image appears to be unencrypted, and they will be able to modify the full range of register initialization values. Normally, these registers will be restricted when booting securely. Of importance to this attack are two registers that control the SD card's transfer type and transfer size. These registers could be modified a way that causes a buffer overflow in the ROM. | |||||
| CVE-2021-26366 | 1 Amd | 125 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 122 more | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
| An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity. | |||||