CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.

CVE-2023-31355

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

CVE-2021-26344

An out of bounds memory write when processing the AMDPSP1 Configuration Block (APCB) could allow an attacker with access the abilityto modify the BIOS image, and the ability to sign the resulting image, topotentially modify the APCB block resulting in arbitrary code execution.

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP guest.

CVE-2021-26397

Insufficient address validation, may allow anattacker with a compromised ABL and UApp to corrupt sensitive memory locationspotentially resulting in a loss of integrity or availability.

CVE-2024-21980

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.

CVE-2021-26328

Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.