Lucene search
K

324 matches found

CNNVD
CNNVD
added 2023/01/11 12:0 a.m.7 views

AMD System Management Unit 缓冲区错误漏洞

The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. The AMD System Management Unit has a security vulnerability that stems from the fact that its software interface between the ASP and the SMU may not enforce the SNP memory security policy, leading to a...

5.3CVSS5.7AI score0.00504EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD Secure Processor 数据伪造问题漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...

4.4CVSS5.1AI score0.00113EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.4 views

AMD Secure Processor 安全漏洞

AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...

4.4CVSS5.3AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.21 views

CVE-2022-23814

Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...

6AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.77 views

CVE-2022-23814

CVE-2022-23814 describes a failure to validate addresses provided by software to BIOS commands, which may cause loss of integrity of guest memory in confidential compute environments. The vulnerability is tied to AMD platform components (SBIOS/ASP/SMU/ BIOS mailbox handling) and is documented und...

5.3CVSS6.1AI score0.00475EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/10 8:56 p.m.58 views

CVE-2021-46767

Summary: CVE-2021-46767 involves AMD Secure Processor (ASP) and stems from insufficient input validation. An attacker with physical access could exploit ASP to gain unauthorized write access to memory, potentially causing loss of integrity and/or denial of service. The issue is documented across ...

6.1CVSS6.5AI score0.00275EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.25 views

CVE-2021-46767

Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service...

6.2AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.8 views

CVE-2021-26409

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...

7.5AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.24 views

CVE-2021-26409

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...

7.7AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.57 views

CVE-2021-26409

CVE-2021-26409 affects AMD SEV-ES, where insufficient bounds checking can corrupt the Reverse Map (RMP) memory, potentially compromising SNP memory integrity. Public references identify AMD SEV-ES-related memory integrity risk; mitigation guidance is distributed via AMD’s PSU/AGS updates (AMD-SB-...

7.8CVSS7.7AI score0.00189EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/10 8:56 p.m.51 views

CVE-2021-26396

The CVE-2021-26396 issue affects the AMD Secure Processor (ASP) where insufficient validation of address mapping to IO can lead to loss of memory integrity in the SNP guest. The entry is supported by multiple sources (NVD/NCSC AMD SB) detailing the vulnerability and its scope across AMD EPYC gene...

4.4CVSS5.5AI score0.00113EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.9 views

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

4.7AI score0.00113EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.23 views

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

5AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.46 views

CVE-2021-26328

CVE-2021-26328 describes a vulnerability in AMD’s Secure Processor/AMD EPYC platform related to SNP_INIT. The issue is a failure to verify the mode of CPU execution during SNP_INIT, which may lead to a potential loss of memory integrity for SNP guests. The AMD security bulletin AMD-SB-1032 docume...

4.4CVSS5.7AI score0.00185EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.8 views

CVE-2021-26328

Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...

4.8AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.28 views

CVE-2021-26328

Failure to verify the mode of CPU execution at the time of SNPINIT may lead to a potential loss of memory integrity for SNP guests...

6.1AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1482 · Amd · Amd System Management Unit +1

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP and System Management Unit SMU affected versions not specified Description: The issue is related to the software interfaces of ASP and SMU, which may not properly enforce the SNP memory security policy. This could lea...

5.3CVSS5.3AI score0.00504EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.6 views

PT-2023-1407 · Amd · Amd Bios

Name of the Vulnerable Software and Affected Versions: AMD BIOS software affected versions not specified Description: The issue is related to a buffer overflow in the memory of AMD processor security microcode, potentially allowing a remote attacker to disclose protected information. It involves...

5.3CVSS5.3AI score0.00475EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.3 views

PT-2023-1406 · Amd · Amd Processors

Name of the Vulnerable Software and Affected Versions: AMD processors affected versions not specified Description: The issue is related to insufficient input validation in the implementation of the SNP INIT command for the AMD processor firmware loading mode. This could allow a remote attacker to...

5CVSS4.6AI score0.00185EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1404 · Amd · Amd Secure Encrypted Virtualization-Encrypted State

Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization-Encrypted State SEV-ES affected versions not specified Description: The issue is related to insufficient bounds checking in the implementation of AMD Secure Encrypted Virtualization-Encrypted State SEV-ES...

7.8CVSS7.1AI score0.00189EPSS
Exploits0References5
Rows per page
Query Builder