Filtered by vendor Amd
Subscribe
Total
293 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23818 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient input validation on the model
specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest
memory integrity.
|
|||||
| CVE-2021-46794 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient bounds checking in ASP (AMD Secure
Processor) may allow for an out of bounds read in SMI (System Management
Interface) mailbox checksum calculation triggering a data abort, resulting in a
potential denial of service.
|
|||||
| CVE-2021-46792 | 1 Amd | 110 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 107 more | 2025-01-28 | N/A | 5.9 MEDIUM |
|
Time-of-check Time-of-use (TOCTOU) in the
BIOS2PSP command may allow an attacker with a malicious BIOS to create a race
condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon
an S3 resume event potentially leading to a denial of service.
|
|||||
| CVE-2021-46775 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2025-01-28 | N/A | 6.8 MEDIUM |
|
Improper input validation in ABL may enable an
attacker with physical access, to perform arbitrary memory overwrites,
potentially leading to a loss of integrity and code execution.
|
|||||
| CVE-2021-46773 | 1 Amd | 126 Ryzen 1200 \(af\), Ryzen 1200 \(af\) Firmware, Ryzen 1600 \(af\) and 123 more | 2025-01-28 | N/A | 8.8 HIGH |
|
Insufficient input validation in ABL may enable
a privileged attacker to corrupt ASP memory, potentially resulting in a loss of
integrity or code execution.
|
|||||
| CVE-2021-46769 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2025-01-28 | N/A | 8.8 HIGH |
|
Insufficient syscall input validation in the ASP
Bootloader may allow a privileged attacker to execute arbitrary DMA copies,
which can lead to code execution.
|
|||||
| CVE-2021-46764 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Improper validation of DRAM addresses in SMU may
allow an attacker to overwrite sensitive memory locations within the ASP
potentially resulting in a denial of service.
|
|||||
| CVE-2021-46763 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient input validation in the SMU may
enable a privileged attacker to write beyond the intended bounds of a shared
memory buffer potentially leading to a loss of integrity.
|
|||||
| CVE-2021-46756 | 1 Amd | 126 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 123 more | 2025-01-28 | N/A | 9.1 CRITICAL |
|
Insufficient validation of inputs in
SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an
attacker with a malicious Uapp or ABL to send malformed or invalid syscall to
the bootloader resulting in a potential denial of service and loss of
integrity.
|
|||||
| CVE-2021-46755 | 1 Amd | 46 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 43 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Failure to unmap certain SysHub mappings in
error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker
with a malicious bootloader to exhaust the SysHub resources resulting in a
potential denial of service.
|
|||||
| CVE-2021-46753 | 1 Amd | 132 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 129 more | 2025-01-28 | N/A | 9.1 CRITICAL |
|
Failure to validate the length fields of the ASP
(AMD Secure Processor) sensor fusion hub headers may allow an attacker with a
malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite
data structures leading to a potential loss of confidentiality and integrity.
|
|||||
| CVE-2021-46749 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient bounds checking in ASP (AMD Secure
Processor) may allow for an out of bounds read in SMI (System Management
Interface) mailbox checksum calculation triggering a data abort, resulting in a
potential denial of service.
|
|||||
| CVE-2021-26406 | 1 Amd | 80 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 77 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient validation in parsing Owner's
Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization)
and SEV-ES user application can lead to a host crash potentially resulting in
denial of service.
|
|||||
| CVE-2021-26397 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2025-01-28 | N/A | 7.1 HIGH |
|
Insufficient address validation, may allow an
attacker with a compromised ABL and UApp to corrupt sensitive memory locations
potentially resulting in a loss of integrity or availability.
|
|||||
| CVE-2021-26379 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2025-01-28 | N/A | 9.8 CRITICAL |
|
Insufficient input validation of mailbox data in the
SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially
leading to a loss of integrity and privilege escalation.
|
|||||
| CVE-2021-26371 | 1 Amd | 256 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 253 more | 2025-01-28 | N/A | 5.5 MEDIUM |
|
A compromised or malicious ABL or UApp could
send a SHA256 system call to the bootloader, which may result in exposure of
ASP memory to userspace, potentially leading to information disclosure.
|
|||||
| CVE-2021-26365 | 1 Amd | 108 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 105 more | 2025-01-28 | N/A | 8.2 HIGH |
|
Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.
|
|||||
| CVE-2021-26356 | 1 Amd | 196 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 193 more | 2025-01-28 | N/A | 7.4 HIGH |
|
A TOCTOU in ASP bootloader may allow an attacker
to tamper with the SPI ROM following data read to memory potentially resulting
in S3 data corruption and information disclosure.
|
|||||
| CVE-2021-26354 | 1 Amd | 304 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 301 more | 2025-01-28 | N/A | 5.5 MEDIUM |
|
Insufficient bounds checking in ASP may allow an
attacker to issue a system call from a compromised ABL which may cause
arbitrary memory values to be initialized to zero, potentially leading to a
loss of integrity.
|
|||||
| CVE-2021-46765 | 1 Amd | 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more | 2025-01-27 | N/A | 7.5 HIGH |
|
Insufficient input validation in ASP may allow
an attacker with a compromised SMM to induce out-of-bounds memory reads within
the ASP, potentially leading to a denial of service.
|
|||||
| CVE-2021-46760 | 1 Amd | 14 Ryzen 3945wx, Ryzen 3945wx Firmware, Ryzen 3955wx and 11 more | 2025-01-27 | N/A | 9.8 CRITICAL |
|
A malicious or compromised UApp or ABL can send
a malformed system call to the bootloader, which may result in an out-of-bounds
memory access that may potentially lead to an attacker leaking sensitive
information or achieving code execution.
|
|||||
| CVE-2021-46759 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-27 | N/A | 6.1 MEDIUM |
|
Improper syscall input validation in AMD TEE
(Trusted Execution Environment) may allow an attacker with physical access and
control of a Uapp that runs under the bootloader to reveal the contents of the
ASP (AMD Secure Processor) bootloader accessible memory to a serial port,
resulting in a potential loss of integrity.
|
|||||
| CVE-2024-21946 | 1 Amd | 1 Ryzen Master Utility For Overclocking Control | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21938 | 1 Amd | 1 Management Plugin For Sccm | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21939 | 1 Amd | 1 Cloud Manageability Service | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21945 | 1 Amd | 1 Ryzen Master Monitoring Software Development Kit | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21957 | 1 Amd | 1 Management Console | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21958 | 1 Amd | 1 Provisioning Console | 2024-12-18 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
|||||
| CVE-2023-31307 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-13 | N/A | 2.3 LOW |
|
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged attacker to cause an out-of-bounds memory read within PMFW, potentially leading to a denial of service.
|
|||||
| CVE-2021-26367 | 1 Amd | 102 Athlon Gold 3150c, Athlon Gold 3150c Firmware, Athlon Gold 3150g and 99 more | 2024-12-12 | N/A | 5.7 MEDIUM |
|
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
|
|||||
| CVE-2023-20584 | 1 Amd | 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more | 2024-12-12 | N/A | 5.3 MEDIUM |
|
IOMMU improperly handles certain special address
ranges with invalid device table entries (DTEs), which may allow an attacker
with privileges and a compromised Hypervisor to
induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a
loss of guest integrity.
|
|||||
| CVE-2023-20510 | 1 Amd | 32 Radeon Pro W6300, Radeon Pro W6400, Radeon Pro W6600 and 29 more | 2024-12-12 | N/A | 4.7 MEDIUM |
|
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.
|
|||||
| CVE-2023-31366 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 3.3 LOW |
|
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid address, potentially resulting in denial of service.
|
|||||
| CVE-2023-31349 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
|||||
| CVE-2023-31348 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 7.3 HIGH |
|
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
|
|||||
| CVE-2024-21937 | 1 Amd | 2 Radeon Software, Radeon Software For Hip | 2024-11-27 | N/A | 7.3 HIGH |
|
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
|
|||||
| CVE-2023-20575 | 1 Amd | 176 Epyc 5552, Epyc 5552 Firmware, Epyc 7232p and 173 more | 2024-11-27 | N/A | 6.5 MEDIUM |
|
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information.
|
|||||
| CVE-2019-5478 | 1 Amd | 82 Zu11eg, Zu11eg Firmware, Zu15eg and 79 more | 2024-11-27 | 2.1 LOW | 5.5 MEDIUM |
|
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
|
|||||
| CVE-2023-31339 | 2 Amd, Arm | 43 Trusted Firmware-a, Zu11eg, Zu15eg and 40 more | 2024-11-27 | N/A | 4.8 MEDIUM |
|
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
|
|||||
| CVE-2024-21980 | 1 Amd | 172 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 169 more | 2024-11-26 | N/A | 7.9 HIGH |
|
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
|
|||||