Lucene search
K

197 matches found

Positive Technologies
Positive Technologies
added 2023/02/26 12:0 a.m.6 views

PT-2023-16717 · Techpowerup · Techpowerup Ryzen Dram Calculator

Name of the Vulnerable Software and Affected Versions: TechPowerUp Ryzen DRAM Calculator version 1.2.0.5 Description: A critical issue has been found in the library WinRing0x64.sys, affecting some unknown processing. The manipulation leads to improper initialization, requiring local access to...

7.8CVSS6.9AI score0.00572EPSS
Exploits1References8
F5 Networks
F5 Networks
added 2023/02/21 7:41 p.m.17 views

K16842: Row hammer (rowhammer) vulnerability

Security Advisory Description Row hammer rowhammer is a problem with some recent DRAM devices, in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. Impact None. F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

6.7AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:27 p.m.57 views

K60570139: Rowhammer hardware vulnerability CVE-2020-10255

Security Advisory Description Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain...

9.3CVSS8.9AI score0.02515EPSS
Exploits0Affected Software11
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-17046

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled...

6.5CVSS6.1AI score0.00364EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

5.5CVSS5.5AI score0.00233EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.6 views

SUSE CVE-2021-26338

Improper access controls in System Management Unit SMU may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources...

7.8CVSS7.5AI score0.00897EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.6 views

PT-2022-14792 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid out of special sec dram addr function of drm access control.c. This could lead to a local escalation of privilege with no additional execution privileg...

7.8CVSS7.5AI score0.00125EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.5 views

PT-2022-14791 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to improper input validation in the valid out of special sec dram addr function of drm access control.c. This could lead to a local escalation of privilege with no additional execution privileg...

7.8CVSS7.5AI score0.00125EPSS
Exploits0References3
Prion
Prion
added 2022/05/12 7:15 p.m.20 views

Design/Logic Flaw

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure...

3.6CVSS5.7AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/12 6:39 p.m.35 views

CVE-2021-26363

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure...

5.1AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2022/05/12 6:39 p.m.154 views

CVE-2021-26363

CVE-2021-26363 affects AMD ASP/SMU firmware where a malicious or compromised UApp or ABL could modify the ASP’s reserved DRAM value outside the fenced area, potentially exposing data. The vulnerability is documented in AMD SB-1027 with platform-specific mitigations (e.g., Raven Ridge AM4 family),...

4.4CVSS5.7AI score0.0021EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/05/12 6:16 p.m.20 views

CVE-2021-26351

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...

5.5CVSS0.00203EPSS
Exploits0References1
Prion
Prion
added 2022/05/12 6:16 p.m.25 views

Design/Logic Flaw

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...

4.9CVSS6.4AI score0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/12 5:18 p.m.23 views

CVE-2021-26351

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA Direct Memory Access read/write from/to invalid DRAM address that could result in denial of service...

5.7AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 2022/05/12 5:18 p.m.94 views

CVE-2021-26351

CVE-2021-26351 corresponds to an insufficient DRAM address validation vulnerability in the AMD System Management Unit (SMU), which may allow a DMA read/write to an invalid DRAM address and cause a denial of service. Connected AMD advisories (AMD-SB-1027) map this issue to AMD platforms across des...

5.5CVSS6.3AI score0.00203EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.4 views

AMD System Management Unit 权限许可和访问控制问题漏洞

The AMD System Management Unit SMU is a system management unit at AMD in the United States. A security vulnerability exists in the AMD System Management Unit that stems from the possibility that a malicious or compromised UApp or ABL could change the value used by the ASP for its reserved DRAM to...

4.4CVSS5.2AI score0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.5 views

PT-2022-9734 · Unknown · Amd System Management Unit

Name of the Vulnerable Software and Affected Versions: System Management Unit SMU affected versions not specified Description: The issue is related to insufficient DRAM address validation, which may lead to a denial of service due to DMA read/write operations from/to invalid DRAM addresses...

5.5CVSS5.3AI score0.00203EPSS
Exploits0References3
Trellix
Trellix
added 2021/11/30 12:0 a.m.43 views

The Bug Report November 2021 Edition

The Bug Report — November 2021 Edition By Mark Bereza · November 30, 2021 Your Cybersecurity Comic Relief CVE-2021-20322: Of all the words of mice and men, the saddest are, “it was DNS again.” Why am I here? For all our newcomers, welcome to the Advanced Threat Research team’s monthly bug report ...

10CVSS8.2AI score0.19087EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2021/11/17 12:0 a.m.8 views

The vulnerability of the internal protection mechanism for the target string (TRR) of DRAM devices (PC-DDR4, LPDDR4X) allows attackers to enhance their privileges.

The vulnerability of the internal protection mechanism for the target string TRR in DRAM devices PC-DDR4, LPDDR4X relates to the possibility of manipulating the contents of individual memory bits through cyclic reading from memory cells. Exploiting this vulnerability can allow an attacker to...

9CVSS7.7AI score0.02889EPSS
Exploits1References7
OSV
OSV
added 2021/11/16 7:15 p.m.5 views

CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

5.5CVSS6.1AI score0.00233EPSS
Exploits0References1
Rows per page
Query Builder