12 matches found
CVE-2021-26376
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
CVE-2021-26388
Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
CVE-2021-26375
Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
CVE-2021-26382
An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.
CVE-2021-26378
Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
CVE-2021-26373
Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
CVE-2023-20579
ImproperAccess Control in the AMD SPI protection feature may allow a user with Ring0(kernel mode) privileged access to bypass protections potentially resulting inloss of integrity and availability.
CVE-2021-26354
Insufficient bounds checking in ASP may allow anattacker to issue a system call from a compromised ABL which may causearbitrary memory values to be initialized to zero, potentially leading to aloss of integrity.
CVE-2021-26371
A compromised or malicious ABL or UApp couldsend a SHA256 system call to the bootloader, which may result in exposure ofASP memory to userspace, potentially leading to information disclosure.
CVE-2023-20521
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
CVE-2022-23815
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
CVE-2021-26365
Certain size values in firmware binary headerscould trigger out of bounds reads during signature validation, leading todenial of service or potentially limited leakage of information aboutout-of-bounds memory contents.