61 matches found
EUVD-2025-209508
Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation potentially resulting in arbitrary code execution...
CVE-2025-54502
Summary (CVE-2025-54502) : Affected software is the AMD Platform Configuration Blob (APCB) SMM driver. The issue is an incorrect use of a boot service in APCB SMM, which could allow a local (Ring 0) attacker to escalate privileges and potentially execute arbitrary code. The CVSS-like metrics indi...
CVE-2025-54502
Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation potentially resulting in arbitrary code execution...
CVE-2025-54510
A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity...
CVE-2025-54510
The connected documents confirm CVE-2025-54510 affects AMD Zen 5 (and related platforms) via a missing lock verification in the AMD Secure Processor (ASP) firmware that can allow a locally authenticated, high-privilege attacker to alter MMIO routing during boot/init, potentially compromising gues...
SUSE CVE-2026-23065
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrfrecord The tmp buffer is allocated using kcalloc but is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in th...
EUVD-2026-5479
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrfrecord The tmp buffer is allocated using kcalloc but is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in th...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup when i8042 actually enables it. The IRQ1 wakeup should be disabled only in cases where i8042 has actually enabled it. Otherwise, “wakedepth” for this IRQ will attempt to drop below...
SUSE CVE-2025-68760
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommummioshow In iommummiowrite, it validates the user-provided offset with the check: iommu-dbgmmiooffset iommu-mmiophysend - 4. This assumes a 4-byte access. However, the...
CVE-2023-54320
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
CVE-2023-54320
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
UBUNTU-CVE-2023-54320
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
CVE-2023-54320 platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
EUVD-2019-19196
Malware in sbrugna...
EUVD-2021-13139
Malware in sbrugna...
EUVD-2021-13121
Malware in sbrugna...
EUVD-2020-5241
Malware in sbrugna...
DEBIAN-CVE-2025-39678
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock-metrictbladdr is non-NULL If metric table address is not allocated, accessing metricsbin will result in a NULL pointer dereference, so add a check...
CVE-2025-39678 platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock-metrictbladdr is non-NULL If metric table address is not allocated, accessing metricsbin will result in a NULL pointer dereference, so add a check...
CVE-2025-39678
CVE-2025-39678 affects the Linux kernel, specifically the x86/amd/hsmp code path. The vulnerability arises when sock->metric_tbl_addr is NULL, which can cause a NULL pointer dereference when accessing metrics_bin. The provided connected SUSE advisory confirms the fix: a NULL check was added to...