173 matches found
CVE-2021-26398
Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...
Input validation
Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...
Input validation
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
Input validation
Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...
AMD Secure Processor 安全特征问题漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, AMD System Management Unit SMU, and AMD Secure Encrypted Virtualization SEV. An attacker could exploit this vulnerability to cause an informati...
AMD Secure Processor 数据伪造问题漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...
AMD Secure Processor 缓冲区错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a buffer error vulnerability that stems from insufficient input validation in the SVCECCPRIMITIVE system call. An attacker could exploit this vulnerability to corrupt...
AMD Secure Processor 缓冲区错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. ASP AMD Secure Processor suffers from a buffer error vulnerability that stems from insufficient input validation in the SYSKEYDERIVE system call. An attacker could exploit this vulnerability to corrupt th...
AMD Secure Processor(ASP) 输入验证错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a security vulnerability that stems from incorrect system call input validation in the Bootloader, which could allow a privileged attacker to read memory out of bound...
CVE-2021-46779
CVE-2021-46779 is an AMD Secure Processor (ASP) vulnerability: insufficient input validation in the SVC_ECC_PRIMITIVE system call could allow a compromised user application or ABL to corrupt ASP OS memory, risking loss of integrity and availability. Connected sources confirm the issue and link to...
CVE-2021-26402
Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...
CVE-2021-26398
CVE-2021-26398 affects the AMD Secure Processor (ASP) via insufficient input validation in SYS_KEY_DERIVE. A compromised user application or ABL may corrupt ASP OS memory, potentially enabling arbitrary code execution. Public details identify the vulnerability and associated risk to ASP/firmware,...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26396
The CVE-2021-26396 issue affects the AMD Secure Processor (ASP) where insufficient validation of address mapping to IO can lead to loss of memory integrity in the SNP guest. The entry is supported by multiple sources (NVD/NCSC AMD SB) detailing the vulnerability and its scope across AMD EPYC gene...
CVE-2021-26346
Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...
PT-2023-1488 · Amd · Amd System Management Unit +2
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...
PT-2023-1403 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the ASP, which may allow an attacker with physical access to gain unauthorized write access to memory. This could...
PT-2023-1483 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to a Time-of-Check-to-Time-of-Use TOCTOU vulnerability in the ASP, which may allow a physical attacker to write beyond buffer bounds. This could...
PT-2023-1408 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to insufficient validation of address mapping to IO in the AMD Secure Processor, which may result in a loss of memory integrity in the SNP guest. This coul...
PT-2023-12087 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory tabl...