Vulnerabilities > AMD > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2023-20573 | Unspecified vulnerability in AMD products A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. | 3.2 |
| 2023-11-14 | CVE-2023-20519 | Use After Free vulnerability in AMD Genoapi Firmware and Milanpi Firmware A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity. | 3.3 |
| 2023-01-11 | CVE-2023-20528 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. | 2.4 |
| 2022-05-11 | CVE-2021-26400 | Unspecified vulnerability in AMD CPU AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | 2.1 |
| 2022-05-11 | CVE-2021-26350 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service. | 1.9 |
| 2022-05-11 | CVE-2021-26349 | Unspecified vulnerability in AMD products Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | 2.1 |
| 2022-05-11 | CVE-2021-26348 | Unspecified vulnerability in AMD products Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | 2.1 |
| 2022-05-11 | CVE-2021-26342 | Unspecified vulnerability in AMD products In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). | 2.1 |
| 2022-03-11 | CVE-2021-26401 | Unspecified vulnerability in AMD products LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. local amd | 1.9 |
| 2021-12-10 | CVE-2021-26340 | Unspecified vulnerability in AMD products A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM). | 3.6 |