VYPR

Vendor CVEs

AMD

All CVEs

357 total · sorted by risk
  • CVE-2022-23823Jun 15, 2022
    risk 0.00cvss epss 0.01

    A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

  • CVE-2021-26363May 12, 2022
    risk 0.00cvss epss 0.00

    A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure.

  • CVE-2021-26386May 12, 2022
    risk 0.00cvss epss 0.00

    A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution.

  • CVE-2021-26368May 12, 2022
    risk 0.00cvss epss 0.00

    Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service.

  • CVE-2021-26361May 12, 2022
    risk 0.00cvss epss 0.00

    A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

  • CVE-2021-26362May 12, 2022
    risk 0.00cvss epss 0.00

    A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability.

  • CVE-2021-26366May 12, 2022
    risk 0.00cvss epss 0.00

    An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.

  • CVE-2021-26369May 12, 2022
    risk 0.00cvss epss 0.00

    A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.

  • CVE-2021-46744May 11, 2022
    risk 0.00cvss epss 0.00

    An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.

  • CVE-2021-26400May 11, 2022
    risk 0.00cvss epss 0.00

    AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage.

  • CVE-2021-26388May 11, 2022
    risk 0.00cvss epss 0.00

    Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.

  • CVE-2021-26376May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.

  • CVE-2021-26373May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.

  • CVE-2021-26348May 11, 2022
    risk 0.00cvss epss 0.00

    Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

  • CVE-2021-26364May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.

  • CVE-2021-26349May 11, 2022
    risk 0.00cvss epss 0.00

    Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA).

  • CVE-2021-26378May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.

  • CVE-2021-26347May 11, 2022
    risk 0.00cvss epss 0.00

    Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

  • CVE-2021-26342May 11, 2022
    risk 0.00cvss epss 0.00

    In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB…

  • CVE-2021-26375May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.

  • CVE-2021-26372May 11, 2022
    risk 0.00cvss epss 0.00

    Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.

  • CVE-2021-26339May 11, 2022
    risk 0.00cvss epss 0.00

    A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated…

  • CVE-2021-26350May 11, 2022
    risk 0.00cvss epss 0.00

    A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service.

  • CVE-2021-46771May 10, 2022
    risk 0.00cvss epss 0.00

    Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.

  • CVE-2021-26324May 10, 2022
    risk 0.00cvss epss 0.00

    A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.

  • CVE-2021-26332May 10, 2022
    risk 0.00cvss epss 0.00

    Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.

  • CVE-2021-26408May 10, 2022
    risk 0.00cvss epss 0.00

    Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.

  • CVE-2022-23822Apr 27, 2022
    risk 0.00cvss epss 0.00

    In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader (FSBL) by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as…

  • CVE-2021-26341Mar 11, 2022
    risk 0.00cvss epss 0.00

    Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

  • CVE-2021-26401Mar 11, 2022
    risk 0.00cvss epss 0.00

    LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.

  • CVE-2021-44850Feb 10, 2022
    risk 0.00cvss epss 0.00

    On Xilinx Zynq-7000 SoC devices, physical modification of an SD boot image allows for a buffer overflow attack in the ROM. Because the Zynq-7000's boot image header is unencrypted and unauthenticated before use, an attacker can modify the boot header stored on an SD card so that…

  • CVE-2020-12966Feb 4, 2022
    risk 0.00cvss epss 0.00

    AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this…

  • CVE-2020-12891Feb 4, 2022
    risk 0.00cvss epss 0.00

    AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.

  • CVE-2020-12890Dec 10, 2021
    risk 0.00cvss epss 0.00

    Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or administrative access to potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by…

  • CVE-2021-26340Dec 10, 2021
    risk 0.00cvss epss 0.00

    A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM).

  • CVE-2021-26334Dec 1, 2021
    risk 0.00cvss epss 0.01

    The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user.

  • CVE-2021-0120Nov 17, 2021
    risk 0.00cvss epss 0.00

    Improper initialization in the installer for some Intel(R) Graphics DCH Drivers for Windows 10 before version 27.20.100.9316 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2021-26327Nov 16, 2021
    risk 0.00cvss epss 0.00

    Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.

  • CVE-2020-12944Nov 16, 2021
    risk 0.00cvss epss 0.00

    Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution.

  • CVE-2020-12961Nov 16, 2021
    risk 0.00cvss epss 0.00

    A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.

  • CVE-2021-26315Nov 16, 2021
    risk 0.00cvss epss 0.00

    When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.

  • CVE-2021-26335Nov 16, 2021
    risk 0.00cvss epss 0.00

    Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution.

  • CVE-2021-26321Nov 16, 2021
    risk 0.00cvss epss 0.00

    Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.

  • CVE-2020-12951Nov 16, 2021
    risk 0.00cvss epss 0.00

    Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.

  • CVE-2021-26320Nov 16, 2021
    risk 0.00cvss epss 0.00

    Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP

  • CVE-2021-26312Nov 16, 2021
    risk 0.00cvss epss 0.00

    Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

  • CVE-2020-12894Nov 15, 2021
    risk 0.00cvss epss 0.00

    Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.

  • CVE-2020-12960Nov 15, 2021
    risk 0.00cvss epss 0.00

    AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).

  • CVE-2020-12893Nov 15, 2021
    risk 0.00cvss epss 0.00

    Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.

  • CVE-2020-12903Nov 15, 2021
    risk 0.00cvss epss 0.00

    Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service.

Page 6 of 8