Integer overflow

2022-05-1117:15:00

PRIOn knowledge base

www.prio-n.com

4.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

CPENameOperatorVersion
epyc_7002_firmwareeq< romepisp31.0.0.d
epyc_7232p_firmwareeq< romepisp31.0.0.d
epyc_7252_firmwareeq< romepisp31.0.0.d
epyc_7262_firmwareeq< romepisp31.0.0.d
epyc_7272_firmwareeq< romepisp31.0.0.d
epyc_7282_firmwareeq< romepisp31.0.0.d
epyc_72f3_firmwareeq< milanpisp31.0.0.7
epyc_7302_firmwareeq< romepisp31.0.0.d
epyc_7302p_firmwareeq< romepisp31.0.0.d
epyc_7313_firmwareeq< milanpisp31.0.0.7

Name	Operator	Version
epyc_7002_firmware	eq	< romepisp31.0.0.d
epyc_7232p_firmware	eq	< romepisp31.0.0.d
epyc_7252_firmware	eq	< romepisp31.0.0.d
epyc_7262_firmware	eq	< romepisp31.0.0.d
epyc_7272_firmware	eq	< romepisp31.0.0.d
epyc_7282_firmware	eq	< romepisp31.0.0.d
epyc_72f3_firmware	eq	< milanpisp31.0.0.7
epyc_7302_firmware	eq	< romepisp31.0.0.d
epyc_7302p_firmware	eq	< romepisp31.0.0.d
epyc_7313_firmware	eq	< milanpisp31.0.0.7