Input validation
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a UApp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader-accessible memory to a serial port, resulting in a potential...
CVE-2023-20520
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution...
CVE-2021-46769
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution...
CVE-2021-26356
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure...
CVE-2021-26371
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...
Input validation
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution...
Information disclosure
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure...
Information disclosure
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...
CVE-2021-46792
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event, potentially leading to a denial of service...
CVE-2021-46760
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive information or achieving code execution...
CVE-2021-46759
Consolidated details for CVE-2021-46759 show an improper syscall input validation in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE). Attack requires physical access and control of a UApp running under the bootloader to read ASP bootloader memory via a serial port, potentially ...
CVE-2021-46759
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a UApp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader-accessible memory to a serial port, resulting in a potential...
CVE-2021-46756
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious UApp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity...
CVE-2021-46756
CVE-2021-46756 describes insufficient validation of inputs in SVC_MAP_USER_STACK in the AMD Secure Processor (ASP) bootloader. A malicious UApp or ABL could send malformed or invalid syscalls to the bootloader, potentially causing a denial of service and loss of integrity. The AMD security bullet...
CVE-2021-46755
Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service...