71 matches found
CVE-2021-46775
Improper input validation in ABL may enable anattacker with physical access, to perform arbitrary memory overwrites,potentially leading to a loss of integrity and code execution.
CVE-2023-20528
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality.
CVE-2023-20530
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.
CVE-2022-23818
Insufficient input validation on the modelspecific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guestmemory integrity.
CVE-2023-20566
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
CVE-2023-20591
Improper re-initialization of IOMMU during the DRTM eventmay permit an untrusted platform configuration to persist, allowing an attackerto read or modify hypervisor memory, potentially resulting in loss ofconfidentiality, integrity, and availability.
CVE-2023-20526
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
CVE-2023-20532
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
CVE-2023-20523
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service.
CVE-2023-20524
An attacker with a compromised ASP couldpossibly send malformed commands to an ASP on another CPU, resulting in an outof bounds write, potentially leading to a loss a loss of integrity.
CVE-2021-26355
Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in a potential denial-of-service.
CVE-2021-26379
Insufficient input validation of mailbox data in theSMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentiallyleading to a loss of integrity and privilege escalation.
CVE-2023-20525
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
CVE-2021-26344
An out of bounds memory write when processing the AMDPSP1 Configuration Block (APCB) could allow an attacker with access the abilityto modify the BIOS image, and the ability to sign the resulting image, topotentially modify the APCB block resulting in arbitrary code execution.
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP guest.
CVE-2021-26397
Insufficient address validation, may allow anattacker with a compromised ABL and UApp to corrupt sensitive memory locationspotentially resulting in a loss of integrity or availability.
CVE-2023-20578
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allowan attacker with ring0 privileges and access to theBIOS menu or UEFI shell to modify the communications buffer potentiallyresulting in arbitrary code execution.
CVE-2024-21978
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVE-2023-31355
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVE-2021-26328
Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.
CVE-2024-21980
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.