367 matches found
PT-2023-12087 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory tabl...
AMD Client Vulnerabilities – January 2023
Bulletin ID: AMD-SB-1031 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary In collaboration with various third parties, AMD platforms were audited for potential security exposures. Potential vulnerabilities in AMD Secure Processor ASP,...
PT-2023-1402 · Amd · Amd Bios +1
Name of the Vulnerable Software and Affected Versions: AMD BIOS affected versions not specified Description: The issue is related to insufficient validation in ASP BIOS and DRTM commands, which may allow malicious supervisor x86 software to disclose the contents of sensitive memory, resulting in...
AMD Server Vulnerabilities – January 2023
Bulletin ID: AMD-SB-1032 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...
CVE-2021-26393
Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...
CVE-2021-26393
Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...
CVE-2020-12931
Improper parameters handling in the AMD Secure Processor ASP kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
CVE-2020-12931
Improper parameters handling in the AMD Secure Processor ASP kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
CVE-2021-26360
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP...
CVE-2021-26360
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP...
CVE-2020-12930
Improper parameters handling in AMD Secure Processor ASP drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
CVE-2020-12930
Improper parameters handling in AMD Secure Processor ASP drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
Input validation
Improper parameters handling in the AMD Secure Processor ASP kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
Input validation
Improper parameters handling in AMD Secure Processor ASP drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
Design/Logic Flaw
Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...
Design/Logic Flaw
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP...
CVE-2021-26360
CVE-2021-26360 describes a local-attack vulnerability in the AMD Secure Processor (ASP) where an attacker with local access can modify the security configuration of the SOC registers, potentially corrupting the ASP’s encrypted memory and enabling arbitrary code execution in the ASP environment. T...
CVE-2021-26360
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP...
CVE-2021-26360
An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP...
CVE-2021-26393
Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...