Amd Amd Epyc™ 7003 Processors
8 CVEs affecting Amd Amd Epyc™ 7003 Processors. Latest disclosed: 2025-02-11. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-21925 | High | 8.2 | 2025-02-11 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. |
CVE-2023-31345 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31343 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31342 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-20578 | High | 7.5 | 2024-08-13 | A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications… |
CVE-2023-20584 | Medium | 5.3 | 2024-08-13 | IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised… |
CVE-2021-46746 | Medium | 5.2 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing key… |
CVE-2023-31356 | Medium | 4.4 | 2024-08-13 | Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data int… |