CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.

CVE-2023-20532

Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.

CVE-2021-26331

AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution.

CVE-2023-20523

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service.

CVE-2021-26355

Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in a potential denial-of-service.

CVE-2021-26379

Insufficient input validation of mailbox data in theSMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentiallyleading to a loss of integrity and privilege escalation.

CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.

CVE-2021-26322

Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.

CVE-2021-26323

Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity.

CVE-2021-26344

An out of bounds memory write when processing the AMDPSP1 Configuration Block (APCB) could allow an attacker with access the abilityto modify the BIOS image, and the ability to sign the resulting image, topotentially modify the APCB block resulting in arbitrary code execution.

CVE-2020-12961

A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP guest.

CVE-2021-26397

Insufficient address validation, may allow anattacker with a compromised ABL and UApp to corrupt sensitive memory locationspotentially resulting in a loss of integrity or availability.

CVE-2023-20578

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allowan attacker with ring0 privileges and access to theBIOS menu or UEFI shell to modify the communications buffer potentiallyresulting in arbitrary code execution.

CVE-2024-21978

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.

CVE-2021-26330

AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.

CVE-2021-26321

Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.

CVE-2021-26326

Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity.

CVE-2023-31355

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

CVE-2021-26327

Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.

CVE-2021-26328

Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.

CVE-2024-21980

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.