324 matches found
AMD System Management Unit 缓冲区错误漏洞
The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. The AMD System Management Unit has a security vulnerability that stems from the fact that its software interface between the ASP and the SMU may not enforce the SNP memory security policy, leading to a...
AMD Secure Processor 数据伪造问题漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...
AMD Secure Processor 安全漏洞
AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...
CVE-2022-23814
Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...
CVE-2022-23814
CVE-2022-23814 describes a failure to validate addresses provided by software to BIOS commands, which may cause loss of integrity of guest memory in confidential compute environments. The vulnerability is tied to AMD platform components (SBIOS/ASP/SMU/ BIOS mailbox handling) and is documented und...
CVE-2021-46767
Summary: CVE-2021-46767 involves AMD Secure Processor (ASP) and stems from insufficient input validation. An attacker with physical access could exploit ASP to gain unauthorized write access to memory, potentially causing loss of integrity and/or denial of service. The issue is documented across ...
CVE-2021-46767
Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26409
CVE-2021-26409 affects AMD SEV-ES, where insufficient bounds checking can corrupt the Reverse Map (RMP) memory, potentially compromising SNP memory integrity. Public references identify AMD SEV-ES-related memory integrity risk; mitigation guidance is distributed via AMD’s PSU/AGS updates (AMD-SB-...
CVE-2021-26396
The CVE-2021-26396 issue affects the AMD Secure Processor (ASP) where insufficient validation of address mapping to IO can lead to loss of memory integrity in the SNP guest. The entry is supported by multiple sources (NVD/NCSC AMD SB) detailing the vulnerability and its scope across AMD EPYC gene...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26328
CVE-2021-26328 describes a vulnerability in AMD’s Secure Processor/AMD EPYC platform related to SNP_INIT. The issue is a failure to verify the mode of CPU execution during SNP_INIT, which may lead to a potential loss of memory integrity for SNP guests. The AMD security bulletin AMD-SB-1032 docume...
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...
PT-2023-1482 · Amd · Amd System Management Unit +1
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP and System Management Unit SMU affected versions not specified Description: The issue is related to the software interfaces of ASP and SMU, which may not properly enforce the SNP memory security policy. This could lea...
PT-2023-1407 · Amd · Amd Bios
Name of the Vulnerable Software and Affected Versions: AMD BIOS software affected versions not specified Description: The issue is related to a buffer overflow in the memory of AMD processor security microcode, potentially allowing a remote attacker to disclose protected information. It involves...
PT-2023-1406 · Amd · Amd Processors
Name of the Vulnerable Software and Affected Versions: AMD processors affected versions not specified Description: The issue is related to insufficient input validation in the implementation of the SNP INIT command for the AMD processor firmware loading mode. This could allow a remote attacker to...
PT-2023-1404 · Amd · Amd Secure Encrypted Virtualization-Encrypted State
Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization-Encrypted State SEV-ES affected versions not specified Description: The issue is related to insufficient bounds checking in the implementation of AMD Secure Encrypted Virtualization-Encrypted State SEV-ES...