CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service...

CVE-2023-20527

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service...

CVE-2021-26346

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

Design/Logic Flaw

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service...

Design/Logic Flaw

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service...

Integer overflow

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

AMD Secure Encrypted Virtualization 缓冲区错误漏洞

AMD Secure Encrypted Virtualization is a software application from UltraMicroelectronics AMD. Hardware-accelerated memory encryption to protect data in use. AMD Secure Encrypted Virtualization SEV suffers from a buffer error vulnerability that stems from insufficient validation of input. An...

AMD Secure Processor(ASP) 输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a security vulnerability that stems from inadequate system call input validation in the Bootloader, which could allow a privileged attacker to read memory outside of...

CVE-2023-20527

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service...

CVE-2023-20527

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service...

CVE-2023-20527

CVE-2023-20527 concerns the AMD Secure Processor (ASP) Bootloader. The issue is an improper syscall input validation in the Bootloader, which may allow a privileged attacker to read memory out-of-bounds, potentially causing a denial-of-service. The CVSS v3.1 metrics indicate Network attack vector...

CVE-2023-20525

The CVE-2023-20525 issue affects the AMD Secure Processor (ASP) Bootloader: it is caused by insufficient syscall input validation that can allow a privileged attacker to read memory outside mapped register bounds, potentially causing a denial of service. Public details identify the affected compo...

CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service...

CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service...

CVE-2021-26346

CVE-2021-26346 affects AMD Secure Processor (ASP) bootloader: failure to validate the integer operand can enable an integer overflow in the L2 directory table in SPI flash, leading to potential denial of service. Affected by several AMD/industry advisories; mitigation requires firmware/BIOS updat...

CVE-2021-26346

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

PT-2023-12087 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory tabl...

PT-2023-1474 · Amd · Amd Bootloader

Name of the Vulnerable Software and Affected Versions: ASP Bootloader affected versions not specified AMD Bootloader affected versions not specified Description: The issue is related to improper input validation in the bootloader, which may allow a privileged attacker to read memory out-of-bounds...

PT-2023-1372 · Unknown · Asp Bootloader

Name of the Vulnerable Software and Affected Versions: ASP Bootloader affected versions not specified Description: The issue is related to insufficient syscall input validation in the ASP Bootloader, which may allow a privileged attacker to read memory outside the bounds of a mapped register,...

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...