The vulnerability of the implementation of the AMD Secure Processor (ASP) microprogramming software for AMD processors allows a hacker to execute arbitrary code.

The vulnerability of the AMD Secure Processor ASP microprogramming system architecture lies in insufficient validation of input data during the execution of the SYSKEYDERIVE system call. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

SUSE CVE-2018-8932

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4...

SUSE CVE-2018-8931

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1...

SUSE CVE-2019-9836

Secure Encrypted Virtualization SEV on Advanced Micro Devices AMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...

SUSE CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

CVE-2021-26346

A flaw was found in hw. Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash, resulting in a potential denial of service. Mitigation Please contact AMD for more updates on this...

CVE-2020-12931

A flaw was found in hw. Improper parameters handling in the AMD Secure Processor ASP kernel may allow a privileged attacker to elevate their privileges, potentially leading to a loss of integrity. Mitigation Please contact AMD for more updates on this flaw...

CVE-2020-12930

A flaw was found in hw. Improper parameters handling in AMD Secure Processor ASP drivers may allow a privileged attacker to elevate their privileges, potentially leading to a loss of integrity. Mitigation Please contact AMD for more updates on this flaw...

CVE-2021-46779

Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...

CVE-2021-46779

Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

CVE-2021-26398

Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...

Input validation

Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...

Input validation

Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...

Input validation

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

AMD Secure Processor 安全漏洞

AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...

AMD Secure Processor 安全漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, AMD System Management Unit SMU, and AMD Secure Encrypted Virtualization SEV, which stems from insufficient authentication of commands, which...

AMD Secure Processor 输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor. An attacker could exploit this vulnerability to cause an integer overflow, resulting in a denial of service...

AMD Secure Processor 数据伪造问题漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...

AMD Secure Processor 缓冲区错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. ASP AMD Secure Processor suffers from a security vulnerability that stems from insufficient boundary checking. An attacker exploits the vulnerability to write partially controlled data to the SMM or SEV-E...