CVE-2023-31347

Due to a code bug inSecure_TSC, SEV firmware may allow an attacker with high privileges to cause aguest to observe an incorrect TSC when Secure TSC is enabled potentiallyresulting in a loss of guest integrity.

CVE-2021-26345

Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.

CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.