EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...

AMD TPM Reference Implementation June 2025 Security Update

AMD has informed HP of a potential security vulnerability identified in AMD Firmware TPM fTPM, which might allow information disclosure and/or denial of service. AMD has released Platform Initialization PI firmware to mitigate the vulnerability. AMD has released updates to mitigate the potential...

UBUNTU-CVE-2025-39729

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked error: we previously assumed 'error' could be null...

AMD Server Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...

AMD Embedded Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages...

Client Vulnerabilities – Aug 2024

Bulletin ID: AMD-SB-4004 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, and other platform components were reported. Mitigations are being provided in Platform Initialization PI...

AMD Embedded Processors Vulnerabilities – Aug 2024

Bulletin ID: AMD-SB-5002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages. CVE...

AMD Embedded Processors Vulnerabilities – February 2024

Bulletin ID: AMD-SB-5001 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages. CVE...

AMD Client Vulnerabilities – November 2023

Bulletin ID: AMD-SB-4002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, AMD System Management Unit SMU, and other platform components were reported, and mitigations are being...

AMD Server Vulnerabilities – Nov 2023

Bulletin ID: AMD-SB-3002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Unit SMU, AMD Secure Encrypted Virtualization SEV, AMD Secure Encrypted...

AMD INVD Instruction Security Notice

Bulletin ID: AMD-SB-3005 Potential Impact: Memory integrity Severity: Medium Summary External researchers reported a potential vulnerability with the INVD instruction that may lead to a loss of SEV-ES and SEV-SNP guest virtual machine VM memory integrity. CVE Details Refer to Glossary for...

Tianocore Edk2 安全漏洞

Tianocore Edk2 is a cross-platform firmware development environment from the Tianocore community that follows the UEFI and PI specifications. A security vulnerability exists in Tianocore Edk2 that allows an attacker to access sensitive data...