Vulnerabilities > AMD

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-26318 Information Exposure Through Discrepancy vulnerability in AMD products
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information.
local
amd CWE-203
1.9
2021-09-21 CVE-2021-26333 Improper Privilege Management vulnerability in AMD Chipset Driver and PSP Driver
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver.
local
low complexity
amd CWE-269
4.9
2021-05-13 CVE-2020-12967 Command Injection vulnerability in AMD products
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
network
low complexity
amd CWE-77
critical
9.0
2021-05-13 CVE-2021-26311 Command Injection vulnerability in AMD products
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
network
low complexity
amd CWE-77
critical
9.0
2020-11-12 CVE-2020-12927 Unspecified vulnerability in AMD Vbios Flash Tool Software Development KIT
A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.
local
low complexity
amd
7.2
2020-11-12 CVE-2020-12926 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD Trusted Platform Modules Reference
The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens.
local
amd CWE-367
4.4
2020-11-12 CVE-2020-12912 Information Exposure Through Discrepancy vulnerability in AMD Energy Driver for Linux
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks.
local
low complexity
amd CWE-203
2.1
2020-10-13 CVE-2020-12928 Improper Privilege Management vulnerability in AMD Ryzen Master
A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.
local
low complexity
amd CWE-269
7.2
2020-10-13 CVE-2020-12933 Out-of-bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017
A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g.
local
low complexity
amd CWE-125
4.9
2020-10-13 CVE-2020-12911 Out-of-bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017
A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g.
local
low complexity
amd CWE-125
4.9