197 matches found
PT-2023-16717 · Techpowerup · Techpowerup Ryzen Dram Calculator
Name of the Vulnerable Software and Affected Versions: TechPowerUp Ryzen DRAM Calculator version 1.2.0.5 Description: A critical issue has been found in the library WinRing0x64.sys, affecting some unknown processing. The manipulation leads to improper initialization, requiring local access to...
K16842: Row hammer (rowhammer) vulnerability
Security Advisory Description Row hammer rowhammer is a problem with some recent DRAM devices, in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. Impact None. F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
K60570139: Rowhammer hardware vulnerability CVE-2020-10255
Security Advisory Description Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain...
SUSE CVE-2017-17046
An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled...
SUSE CVE-2021-26337
Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...
SUSE CVE-2021-26338
Improper access controls in System Management Unit SMU may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources...
PT-2022-14792 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid out of special sec dram addr function of drm access control.c. This could lead to a local escalation of privilege with no additional execution privileg...
PT-2022-14791 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid out of special sec dram addr function of drm access control.c. This could lead to a local escalation of privilege with no additional execution privileg...
Design/Logic Flaw
A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure...
CVE-2021-26363
A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure...
CVE-2021-26363
CVE-2021-26363 affects AMD ASP/SMU firmware where a malicious or compromised UApp or ABL could modify the ASP’s reserved DRAM value outside the fenced area, potentially exposing data. The vulnerability is documented in AMD SB-1027 with platform-specific mitigations (e.g., Raven Ridge AM4 family),...
CVE-2021-26351
Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...
Design/Logic Flaw
Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...
CVE-2021-26351
Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...
CVE-2021-26351
CVE-2021-26351 corresponds to an insufficient DRAM address validation vulnerability in the AMD System Management Unit (SMU), which may allow a DMA read/write to an invalid DRAM address and cause a denial of service. Connected AMD advisories (AMD-SB-1027) map this issue to AMD platforms across des...
AMD System Management Unit 权限许可和访问控制问题漏洞
The AMD System Management Unit SMU is a system management unit at AMD in the United States. A security vulnerability exists in the AMD System Management Unit that stems from the possibility that a malicious or compromised UApp or ABL could change the value used by the ASP for its reserved DRAM to...
PT-2022-9734 · Unknown · Amd System Management Unit
Name of the Vulnerable Software and Affected Versions: System Management Unit SMU affected versions not specified Description: The issue is related to insufficient DRAM address validation, which may lead to a denial of service due to DMA read/write operations from/to invalid DRAM addresses...
The Bug Report November 2021 Edition
The Bug Report — November 2021 Edition By Mark Bereza · November 30, 2021 Your Cybersecurity Comic Relief CVE-2021-20322: Of all the words of mice and men, the saddest are, “it was DNS again.” Why am I here? For all our newcomers, welcome to the Advanced Threat Research team’s monthly bug report ...
The vulnerability of the internal protection mechanism for the target string (TRR) of DRAM devices (PC-DDR4, LPDDR4X) allows attackers to enhance their privileges.
The vulnerability of the internal protection mechanism for the target string TRR in DRAM devices PC-DDR4, LPDDR4X relates to the possibility of manipulating the contents of individual memory bits through cyclic reading from memory cells. Exploiting this vulnerability can allow an attacker to...
CVE-2021-26337
Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...