EUVD-2021-13177

Malware in sbrugna...

CVE-2021-26354

Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity...

CVE-2021-26371

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...

CVE-2021-26371

The CVE-2021-26371 entry concerns AMD Secure Processor (ASP)/AMD System Management Unit (SMU) where a compromised ABL or UApp could trigger a SHA256 system call to the bootloader, potentially exposing ASP memory to userspace and causing information disclosure. Technical details from connected sou...

CVE-2021-26354

CVE-2021-26354 affects AMD’s ASP/Bootloader pathway (ASP/ABL) with Insufficient bounds checking that may allow a system call from a compromised ABL, initializing arbitrary memory to zero and potentially compromising integrity. The vulnerability is documented across multiple sources (NVD entry and...

CVE-2021-26362

Summary: CVE-2021-26362 describes a vulnerability in AMD System Management Unit (SMU) where a malicious or compromised UApp/ABL can issue a malformed system call to map sensitive SMN registers, potentially compromising integrity and availability. The CVE is associated with AMD platforms and is mi...