Lucene search
K

204 matches found

Amd
Amd
added 2024/08/13 12:0 a.m.83 views

Client Vulnerabilities – Aug 2024

Bulletin ID: AMD-SB-4004 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, and other platform components were reported. Mitigations are being provided in Platform Initialization PI...

8.2CVSS6.8AI score0.00184EPSS
Exploits0
OSV
OSV
added 2024/05/15 6:15 p.m.3 views

DEBIAN-CVE-2024-25743

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.4 views

kernel: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration

A flaw was found in the Linux kernel's KVM SVM implementation for AMD SEV-ES. During intrahost VM migration, KVM incorrectly retrieves source vCPUs from the destination VM instead of the source VM. This causes the VMSA Virtual Machine Save Area pointer to remain NULL, leading to a host kernel cra...

5.8AI score0.00166EPSS
Exploits0References5
NVD
NVD
added 2023/11/14 7:15 p.m.46 views

CVE-2021-46748

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

5.5CVSS0.00211EPSS
Exploits0References2
NVD
NVD
added 2023/11/14 7:15 p.m.32 views

CVE-2021-46758

Insufficient validation of SPI flash addresses in the ASP AMD Secure Processor bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity...

6.1CVSS0.00325EPSS
Exploits0References1
Prion
Prion
added 2023/11/14 7:15 p.m.20 views

Out-of-bounds

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

1.7CVSS7AI score0.00211EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/11/14 6:54 p.m.35 views

CVE-2021-46758

Insufficient validation of SPI flash addresses in the ASP AMD Secure Processor bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity...

6.9AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/14 6:50 p.m.39 views

CVE-2021-46748

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

6.2AI score0.00211EPSS
Exploits0References2
CVE
CVE
added 2023/11/14 6:50 p.m.78 views

CVE-2021-46748

CVE-2021-46748 involves insufficient bounds checking in the AMD Secure Processor (ASP), potentially allowing a local attacker to access memory outside the bounds allowed to a Trusted Application, causing a denial of service. Connected sources confirm impact on AMD graphics components and ASP inte...

5.5CVSS5.6AI score0.00211EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.13 views

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.7AI score0.00159EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

AMD Secure Processor Buffer Error Vulnerability

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. The AMD Secure Processor suffers from a buffer error vulnerability that stems from the fact that insufficient boundary checking in the AMD Secure Processor could lead to an attacker accessing memory outsi...

5.5CVSS6.8AI score0.00211EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.47 views

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6416-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6416-3 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

9.1CVSS8.1AI score0.54577EPSS
Exploits6References14
Tenable Nessus
Tenable Nessus
added 2023/10/14 12:0 a.m.93 views

SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2023:4071-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4071-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

7.8CVSS6.7AI score0.01094EPSS
Exploits4References115
OSV
OSV
added 2023/10/10 2:42 p.m.9 views

SUSE-SU-2023:4035-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem bsc1215861. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc121586...

7.8CVSS8AI score0.00553EPSS
Exploits4References37
Tenable Nessus
Tenable Nessus
added 2023/08/14 12:0 a.m.34 views

Fedora 37 : kernel (2023-d9509be489)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d9509be489 advisory. The 6.4.10 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

6.7CVSS7.1AI score0.00664EPSS
Exploits1References4
Prion
Prion
added 2023/05/09 8:15 p.m.29 views

Input validation

Insufficient validation of inputs in SVCMAPUSERSTACK in the ASP AMD Secure Processor bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity...

6.4CVSS9.1AI score0.00645EPSS
Exploits0References2Affected Software63
NVD
NVD
added 2023/05/09 7:15 p.m.29 views

CVE-2021-46749

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

7.5CVSS7.8AI score0.00616EPSS
Exploits0References1
OSV
OSV
added 2023/05/09 7:15 p.m.3 views

CVE-2021-46749

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

7.5CVSS5.8AI score0.00616EPSS
Exploits0References1
Prion
Prion
added 2023/05/09 7:15 p.m.31 views

Authorization

Failure to validate the length fields of the ASP AMD Secure Processor sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity...

6.4CVSS9.1AI score0.0056EPSS
Exploits0References1Affected Software66
Vulnrichment
Vulnrichment
added 2023/05/09 7:1 p.m.12 views

CVE-2021-46794

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

7.9AI score0.00616EPSS
Exploits0References1
Rows per page
Query Builder