| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources. |
| Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. |
| Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components. |
| Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. |
| The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. |
| An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages. |
| Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. |
| AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. |
| AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. |
| AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources. |
| Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality. |
| Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. |
| Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service. |
| A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. |
| Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity. |
| Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”. |
| Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP. |
| Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP |
| A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information. |
| Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. |
