Amd Epyc_72f3_firmware
94 CVEs affecting Amd Epyc_72f3_firmware. Latest disclosed: 2024-08-13. Critical: 3, High: 34.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-20520 | Critical | 9.8 | 2023-05-09 | Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading… |
CVE-2021-26379 | Critical | 9.8 | 2023-05-09 | Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity a… |
CVE-2021-46756 | Critical | 9.1 | 2023-05-09 | Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send… |
CVE-2021-46769 | High | 8.8 | 2023-05-09 | Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution… |
CVE-2021-26340 | High | 8.4 | 2021-12-10 | A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (T… |
CVE-2024-21980 | High | 7.9 | 2024-08-05 | Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in… |
CVE-2021-26398 | High | 7.8 | 2023-01-11 | Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor… |
CVE-2021-26316 | High | 7.8 | 2023-01-11 | Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (… |
CVE-2021-46771 | High | 7.8 | 2022-05-10 | Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user… |
CVE-2021-26353 | High | 7.8 | 2022-05-10 | Failure to validate inputs in SMM may allow an attacker to create a mishandled error leaving the DRTM UApp in a partially initialized state potentially resulti… |
CVE-2021-26324 | High | 7.8 | 2022-05-10 | A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. |
CVE-2021-26335 | High | 7.8 | 2021-11-16 | Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to s… |
CVE-2021-26331 | High | 7.8 | 2021-11-16 | AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code executio… |
CVE-2021-26323 | High | 7.8 | 2021-11-16 | Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity. |
CVE-2021-26315 | High | 7.8 | 2021-11-16 | When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of th… |
CVE-2020-12961 | High | 7.8 | 2021-11-16 | A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management N… |
CVE-2020-12944 | High | 7.8 | 2021-11-16 | Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution. |
CVE-2021-26326 | High | 7.8 | 2021-11-16 | Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. |
CVE-2023-20578 | High | 7.5 | 2024-08-13 | A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications… |
CVE-2023-20524 | High | 7.5 | 2023-05-09 | An attacker with a compromised ASP could possibly send malformed commands to an ASP on another CPU, resulting in an out of bounds write, potentially leading to… |