Vulnerabilities > AMD > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-11 | CVE-2021-46791 | Out-of-bounds Write vulnerability in AMD Milanpi Firmware Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service. | 5.5 |
2023-01-11 | CVE-2021-46795 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service. | 4.7 |
2023-01-11 | CVE-2022-23813 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD Milanpi-Sp3 Firmware and Romepi Firmware The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment. | 5.3 |
2023-01-11 | CVE-2022-23814 | Improper Input Validation vulnerability in AMD Milanpi-Sp3 Firmware Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment. | 5.3 |
2023-01-11 | CVE-2023-20523 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service. | 5.7 |
2023-01-11 | CVE-2023-20525 | Improper Input Validation vulnerability in AMD products Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service. | 6.5 |
2023-01-11 | CVE-2023-20527 | Improper Input Validation vulnerability in AMD products Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service. | 6.5 |
2023-01-11 | CVE-2023-20532 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. | 5.3 |
2022-11-09 | CVE-2021-26393 | Memory Leak vulnerability in AMD products Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality. | 5.5 |
2022-11-09 | CVE-2022-23824 | IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | 5.5 |