Vulnerabilities > AMD > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-16 | CVE-2021-26315 | Insufficient Verification of Data Authenticity vulnerability in AMD products When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used. | 7.8 |
| 2021-11-16 | CVE-2021-26323 | Improper Input Validation vulnerability in AMD products Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity. | 7.8 |
| 2021-11-16 | CVE-2021-26331 | Unspecified vulnerability in AMD products AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. | 7.8 |
| 2021-11-16 | CVE-2021-26335 | Unspecified vulnerability in AMD products Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. | 7.8 |
| 2021-11-16 | CVE-2021-26322 | Use of Insufficiently Random Values vulnerability in AMD products Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”. | 7.5 |
| 2021-11-16 | CVE-2021-26326 | Improper Initialization vulnerability in AMD products Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. | 7.8 |
| 2021-11-16 | CVE-2021-26338 | Unspecified vulnerability in AMD products Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources. | 7.5 |
| 2021-11-15 | CVE-2020-12893 | Out-of-bounds Write vulnerability in AMD Radeon Software 20.7.1 Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service. | 7.8 |
| 2021-11-15 | CVE-2020-12894 | Out-of-bounds Write vulnerability in AMD Radeon Software Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service. | 7.1 |
| 2021-11-15 | CVE-2020-12903 | Out-of-bounds Write vulnerability in AMD Radeon Software 20.7.1 Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service. | 7.8 |