182 matches found
Branch Predictor Isolation in KVM-QEMU
Summary Researchers claim new KVM-QEMU primitives allow exploitation of Spectre V2 resulting in information leakage in various cloud scenarios. KVM-QEMU is a combination of KVM Kernel-based Virtual Machine, a Linux kernel module that enables hardware-assisted virtualization and Quick Emulator QEM...
Voltage Fault Injection on SEV Virtual Machines
Summary Researchers shared with AMD a report titled “Voltage Fault Injection on SEV-protected Virtual Machines.” The report noted a Voltage Fault Injection VFI attack targeting AMD EPYC™ 7272 CPUs running Secure Encrypted Virtualization SEV protected virtual machines VMs. Physical attacks such as...
AMD Server Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...
AMD Graphics Vulnerabilities – August 2025
Summary Audits performed on AMD graphics and datacenter accelerator products, as well as external reports received by AMD, uncovered potential vulnerabilities affecting AMD graphics, datacenter, and some client processors...
AMD Client Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD Client Processor platforms that affect SMM, ASP, and other platform components, were found during audits performed internally and by third parties...
SEV Ciphertext Side Channel Attacks
Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...
Physical Attacks Leading to Bypass of ASP Boot ROM Secure Boot
Summary Researchers shared a report titled “Code Execution on Zen 4 PSP using Voltage Fault Injection.” In the paper, the researchers reported their findings on Voltage Fault Injection VFI attacks targeting AMD “Zen 4” CPUs, specifically the Ryzen™ 8600G model. The researchers claim these types o...
AMD Embedded Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages...
AMD Adrenalin Driver Embedded Chromium Browser
Affected Products and Mitigation AMD recommends users concerned about potential vulnerabilities in Chromium keep the web browser setting disabled until mitigations have been released. AMD is planning to release updates for AMD Software: Adrenalin Edition which will include a newer version of...
Microarchitectural Attacks on the Stack Engine
Summary Researchers from ETH Zurich have published a paper titled “One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine.” AMD continues to recommend software developers employ existing best practices including constant time algorithm and avoid...
EDK2 SMM MCE Enablement Issue
Summary A researcher reported a bug in the open source EDK2 system management interrupt SMI entry code when an MCE occurs near the start of the SMI handler. An attacker who can inject a machine check exception MCE could cause execution to jump to an attacker-controlled interrupt handler, leading ...
AMD Transient Scheduler Attacks
AMD ID: AMD-SB-7029 Potential Impact: Loss of Confidentiality Severity: Medium Summary AMD discovered several transient scheduler attacks related to the execution timing of instructions under specific microarchitectural conditions while investigating a Microsoft® report titled “Enter, Exit, Page...
Zynq™ UltraScale+™ SoC Overwriting Protected Memory Regions Through PMU Firmware
AMD ID: AMD-SB-8008 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Zynq™ UltraScale+™ devices, the Platform Management Unit PMU Firmware is designed to implement runtime post boot software services that allow a remote processor to command the PMU to execute...
TPM Reference Implementation
CVE Details assigned by the TCG Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2025-2884| 6.6 Medium CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a read past the end of a...
Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...
Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware
AMD ID: AMD-SB-8010 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager PLM implements runtime post-boot software services that can allow a remote processor to command the PLM to execute cryptographic...
Versal™ Adaptive SoC – Improper Configuration of the Secure Stream Switch during Post-Boot Cryptographic Operations
AMD ID: AMD-SB-8011 Potential Impact: N/A Severity: N/A Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager PLM implements runtime post-boot software services that allows a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECD...
IOLeak - CPU Side Channel Attacks
AMD ID: AMD-SB-7042 Potential Impact: N/A Severity: N/A Summary Researchers have provided AMD with a summary of relevant remarks and findings detailed in a paper titled “IOLeak Side-Channel Attack Exploiting CPU Frequency Scaling and I/O Latency.” AMD reviewed the summary and believes this attack...
AMD Optimizing CPU Libraries (AOCL) Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2024-21960| 7.3highCVSS3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H| Incorrect default permissions in the AMD Optimizing CPU Libraries AOCL installation directory could allow an attacker to achieve...
AMD Manageability Tools Vulnerabilities
AMD ID: AMD-SB-9015 Potential Impact: Arbitrary Code execution Severity: High Summary Vulnerabilities were reported in various AMD Manageability Tools. AMD has provided mitigations for these issues. Please refer to Affected Products and Mitigations below...
Spectre-v2 Domain Isolation
AMD ID: AMD-SB-7034 Potential Impact: N/A Severity: N/A Summary Researchers from VU Amsterdam have shared with AMD a paper exploring the effectiveness of domain isolation against Spectre-v2 type attacks. AMD believes the techniques described by the researchers are not applicable to AMD products...
Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection
AMD ID: AMD-SB-7030 Potential Impact: N/A Severity: N/A Summary Researchers from ETH Zurich have provided AMD with a paper titled “Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection.” AMD reviewed the paper and believes that this vulnerability does not...
AMD uProf Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Severity| CVE Description ---|---|--- CVE-2024-36340| 6.6 MediumCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N| A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points,...
Spectre-Branch Status Eviction (BSE) Vulnerability on ARM® Processors
AMD ID: AMD-SB-8007 Potential Impact: N/A Severity: N/A Summary According to the ARM® security team, Spectre-BSE exploits a microarchitectural mechanism that equips an adversary with a weak form of control over the victim’s branch history despite existing protections. This can lead to exploitativ...
AMD Ryzen™ AI Software Vulnerabilities
AMD ID: AMD-SB-7037 Potential Impact: Refer to the CVE Details section Severity: High Summary AMD Bug Bounty researchers reported four vulnerabilities in AMD Ryzen™ AI Software...
Branch History Leak
AMD ID: AMD-SB-7026 Potential Impact: N/A Severity: N/A Summary Researchers from The Harbin Institute of Technology have shared with AMD a paper titled “Branch History LeakeR: Leveraging Branch History to Construct a New Side Channel-Theory and Practice” that demonstrates a side channel attack...
AMD CPU Microcode Signature Verification Vulnerability
AMD ID: AMD-SB-7033 Potential Impact: Loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment Severity: Medium Summary Researchers from Google®have provided AMD with a report titled “AM...
PAGE PREFETCHER ATTACK
AMD ID: AMD-SB-7040 Potential Impact: N/A Severity: N/A Summary Researchers have disclosed to AMD a potential exploit, the page prefetcher attack PPA, a prefetcher-based side-channel attack. AMD has evaluated the paper and does not believe there are any new security implications...
CROSS-PROCESS GPU MEMORY DISCLOSURE
AMD ID: AMD-SB-6019 Potential Impact: Loss of Confidentiality Severity: Medium Summary A vulnerability in the Linux® drivers for AMD GPUs could allow cross-process disclosure of GPU global memory...
AMD Graphics Driver for Linux®
AMD ID: AMD-SB-6021 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Researchers have reported potential vulnerabilities affecting AMD Graphics Driver for Linux®...
AMD DASH CLI Incorrect Default Permissions Vulnerability
AMD ID: AMD-SB-9008 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD DASH CLI Software. The AMD Desktop and mobile Architecture for System Hardware DASH Command Line Interface CLI is a command-lin...
AMD GPU Security Vulnerabilities
AMD ID: AMD-SB-6016 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential security vulnerabilities in the Satellite Management Controller SMC in AMD Instinct™ MI300X accelerators were discovered during internal audit/penetration...
AIM-T Manageability Service Vulnerabilities
AMD ID: AMD-SB-9012 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported incorrect default permissions and Dynamic Link Library DLL hijacking vulnerabilities within AMD Integrated Management Technology AIM-T. AIM-T is designed to enable AMD Desktop and mobile...
AMD Ryzen™ Master Utility DLL Hijacking Vulnerability
AMD ID: AMD-SB-9010 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported a DLL hijacking vulnerability within the AMD Ryzen™ Master Utility. AMD Ryzen™ Master Utility is a tool designed to unlock and customize the performance of AMD Ryzen™ processors. It can...
AMD Client Processor Vulnerabilities – February 2025
AMD ID: AMD-SB-4008 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, and other platform components were reported. Mitigations are being provided in Platform Initialization PI...
AMD Server Processor Vulnerabilities – February 2025
AMD ID: AMD-SB-3009 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor ASP, AMD Secure Encrypted Virtualization SEV, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SN...
AMD SMM Vulnerabilities
AMD ID: AMD-SB-7027 Potential Impact: Arbitrary Code Execution Severity: High Summary Quarkslab reported vulnerabilities that could allow attackers to execute code within SMM System Management Mode. CVE-2024-21925 is the result of a lack of sufficient input buffers validation within the...
Last-Level Cache Attack
AMD ID: AMD-SB-7032 Potential Impact: N/A Severity: N/A Summary Researchers from Wuhan University have provided AMD with a paper titled “ZenLeak: Practical Last-Level Cache Side-Channel Attacks on AMD Zen Processors” in which they discuss prime and probe attacks targeting the Last-Level Cache LLC...
AMD Embedded Processors Vulnerabilities – February 2025
AMD ID: AMD-SB-5004 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages...
AMD Graphics Driver Vulnerabilities – February 2025
AMD ID: AMD-SB-6008 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE...
AMD SMM Callout Vulnerability
AMD ID: AMD-SB-7028 Potential Impact: Arbitrary Code Execution Severity: High Summary AMD SMM callout vulnerability in the AmdPlatformRasSspSmm driver supported on multiple processors. Eclypsium reported an SMM callout vulnerability within the AmdPlatformRasSspSmm UEFI module, which is supported ...
Cache-based Side-Channel Attack Against SEV
AMD ID: AMD-SB-3010 Potential Impact: N/A Severity: N/A Summary AMD has received a report from researchers at National Taiwan University detailing cache-based side-channel attacks against Secure Encrypted Virtualization SEV. 2025-06-03 Update: A subsequent report of the same attacks was received...
AMD SEV Confidential Computing Vulnerability
AMD ID: AMD-SB-3019 Potential Impact: Loss of the SEV-based protection of a confidential guest. Severity: High Summary Researchers from Google®have provided AMD with information on a potential vulnerability that, if successfully exploited, could lead to the loss of SEV-based protection of a...
Undermining Integrity Features of SEV-SNP with Memory Aliasing
AMD ID: AMD-SB-3015 Potential Impact: Loss of Integrity Severity: Medium Summary A team of researchers has reported to AMD that it may be possible to modify serial presence detect SPD metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrit...
QEMU Root Shell Access Vulnerability
AMD ID: AMD-SB-3012 Potential Impact: Guest OS Root Shell Access from Malicious Host Severity: N/A Summary Researchers from the University of Tokyo shared with AMD a paper titled “A Root Shell Access Vulnerability in QEMU for AMD SEV-SNP Confidential Virtual Machines.” The research paper reports...
AMD Provisioning Console Incorrect Default Permissions Vulnerability
Bulletin ID: AMD-SB-9007 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD Provisioning Console Software. The researcher’s report noted that AMD Provisioning...
Ryzen™ Master Monitoring SDK & AMD Ryzen™ Master Utility Incorrect Default Permission Vulnerabilities
Bulletin ID: AMD-SB-9004 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary The AMD Ryzen™ Master Monitoring SDK is a public distribution that is designed to allow software developers to add processor and memory functions to their own utilities...
AMD Cloud Manageability Service Incorrect Default Permissions Vulnerability
Bulletin ID: AMD-SB-9006 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD Cloud Manageability Service ACMS Software. ACMS is designed to help enable IT...
AMD Ryzen™ AI Software
Bulletin ID: AMD-SB-7017 Potential Impact: Arbitrary Code Execution, System Crash Severity: High Summary AMD Ryzen™ AI Software includes the tools and runtime libraries for optimizing and deploying AI inference on AMD Ryzen™ AI powered PCs. Ryzen™ AI software enables applications to run on the...
AMD Management Plugin for SCCM Incorrect Default Permissions Vulnerability
Bulletin ID: AMD-SB-9005 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary An incorrect default permissions vulnerability is identified within the AMD Management Plugin for the Microsoft® System Center Configuration Manager SCCM. The plugin is...