368 matches found
CVE-2021-26393
CVE-2021-26393 describes insufficient memory cleanup in the AMD Secure Processor (ASP) TEE, which could allow an authenticated user with privileges to generate a valid signed TA and potentially poison process memory, leading to confidentiality loss. The connected AMD security bulletin (AMD-SB-500...
CVE-2020-12930
CVE-2020-12930 is an AMD ASP/PSP driver vulnerability described as improper parameter handling that could allow a privileged attacker to elevate privileges, potentially compromising integrity. The AMD security bulletin AMD-SB-5001 maps this CVE to various AMD Embedded/ Ryzen platforms and provide...
CVE-2021-26393
Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...
CVE-2020-12930
Improper parameters handling in AMD Secure Processor ASP drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
CVE-2020-12931
The CVE-2020-12931 issue affects the AMD Secure Processor (ASP) kernel, caused by improper parameter handling, enabling a privileged attacker to elevate privileges and potentially compromise integrity. AMD’s AMD-SB-5001 bulletin maps this vulnerability across ASP/PSP components (ASP kernel) and p...
CVE-2020-12931
Improper parameters handling in the AMD Secure Processor ASP kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity...
PT-2022-8397 · Amd · Amd Secure Processor (Asp) Drivers
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP drivers affected versions not specified Description: The issue is related to improper parameters handling in AMD Secure Processor ASP drivers, which may allow a privileged attacker to elevate their privileges,...
PT-2022-8398 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP kernel affected versions not specified Description: The issue is related to improper parameters handling in the kernel, which may allow a privileged attacker to elevate their privileges, potentially leading to loss of...
PT-2022-9757 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE. This may allow an authenticated attacker with...
AMD Secure Processor 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that originates from an attacker with local access to the system who can make unauthorized modifications to the security configuration of the SO...
AMD Secure Processor 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, which arises from improper parameter handling in the driver and could allow an attacker with privileges to elevate privileges, resulting in a...
AMD Secure Processor 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, which stems from improper parameter handling in the kernel and could allow a privileged attacker to elevate privileges, resulting in a loss of...
PT-2022-9736 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD secure processor affected versions not specified Description: An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD...
AMD Secure Processor 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from inadequate memory cleanup in the Trusted Execution Environment TEE, which could allow an authenticated attacker to have the...
The vulnerability of AMD Secure Processor’s microprogramming software lies in insufficient validation of input data, allowing a hacker to execute arbitrary code.
The vulnerability of AMD Secure Processor ASP microprogramming software lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system...
SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1840-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1840-1 advisory. - Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO...
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1751-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1751-1 advisory. - Improper input validation in firmware for some IntelR PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potential...
CVE-2021-26347
Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...
CVE-2021-26347
CVE-2021-26347 is referenced in several advisories as part of AMD/ kernel-firmware updates. The description states a failure to validate the integer operand in the AMD Secure Processor bootloader could allow an integer overflow in the L2 directory table in SPI flash, potentially causing a denial ...
CVE-2021-26347
Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...