Lucene search
K

173 matches found

NVD
NVD
added 2022/05/11 5:15 p.m.27 views

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

4.7CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2022/05/11 4:22 p.m.115 views

CVE-2021-26347

CVE-2021-26347 is referenced in several advisories as part of AMD/ kernel-firmware updates. The description states a failure to validate the integer operand in the AMD Secure Processor bootloader could allow an integer overflow in the L2 directory table in SPI flash, potentially causing a denial ...

4.7CVSS5.5AI score0.00188EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/11 4:22 p.m.28 views

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

6AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2022/05/10 7:15 p.m.2 views

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

7.8CVSS6.2AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/10 6:30 p.m.37 views

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

8AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2022/05/10 6:30 p.m.86 views

CVE-2021-46771

CVE-2021-46771 : The AMD Secure Processor (ASP) firmware system call has insufficient validation of addresses, potentially allowing arbitrary code execution by a compromised user application. This is tied to the ASP/firmware boundary and could impact systems relying on ASP for secure processing. ...

7.8CVSS7.8AI score0.00284EPSS
Exploits0References1Affected Software1
GoogleProjectZero
GoogleProjectZero
added 2022/05/10 12:0 a.m.10 views

Release of Technical Report into the AMD Security Processor

Posted by James Forshaw, Google Project Zero Today, members of Project Zero and the Google Cloud security team are releasing a technical report on a security review of AMD Secure Processor ASP. The ASP is an isolated ARM processor in AMD EPYC CPUs that adds a root of trust and controls secure...

7.7AI score
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0207)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.4AI score0.01609EPSS
Exploits1References3
Prion
Prion
added 2021/11/16 7:15 p.m.15 views

Input validation

Improper input and range checking in the AMD Secure Processor ASP boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution...

7.2CVSS8AI score0.00286EPSS
Exploits0References1Affected Software58
Cvelist
Cvelist
added 2021/11/16 6:8 p.m.37 views

CVE-2021-26335

Improper input and range checking in the AMD Secure Processor ASP boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution...

8AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.5 views

AMD Secure Processor 输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. An input validation error vulnerability exists in multiple AMD products that stems from incorrect input and range checking in the Platform Secure Processor PSP bootloader image header that could allow an attacker to use...

7.8CVSS7AI score0.00286EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.4 views

AMD Secure Processor输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. An input validation error vulnerability exists in AMD Secure Processor, which stems from the ASP firmware's insufficient validation of the length of the BIOS image could lead to arbitrary code execution...

7.8CVSS7.7AI score0.00335EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2018/04/04 12:0 a.m.7 views

The vulnerability of the AMD Secure Processor technology in processors like Ryzen, Ryzen Pro, and Ryzen Mobile allows for writing to the secure area of the processor.

The vulnerability of the AMD Secure Processor-based processors, including Ryzen, Ryzen Pro, and Ryzen Mobile, is related to deficiencies in the implementation of security functions. Exploiting this vulnerability allows an attacker who has access to the targeted computer and possesses administrato...

1CVSS5.5AI score0.01717EPSS
Exploits0References8
Rows per page
Query Builder