Lucene search
K

8 matches found

CVE
CVE
added 2022/05/11 4:28 p.m.122 views

CVE-2021-26376

CVE-2021-26376 is referenced across multiple SUSE kernel-firmware advisories (SUSE-SU-2022-1840/1846/1847-1, etc.) as part of a family of SMU flaws. The description in the CVE entry states that insufficient checks in the System Management Unit (SMU) FeatureConfig may reenforce features and cause ...

5.5CVSS5.9AI score0.00212EPSS
CVE
CVE
added 2022/05/11 4:20 p.m.112 views

CVE-2021-26375

Technical details for CVE-2021-26375 are not publicly provided in the supplied documents; no affected products, exploit vectors, or fixes are stated here. Monitor for updates from the listed advisories.

5.5CVSS5.8AI score0.00217EPSS
CVE
CVE
added 2022/05/11 4:29 p.m.107 views

CVE-2021-26388

CVE-2021-26388 matches the initial description: improper validation of the BIOS directory can cause reads beyond the RAM directory table, exposing out-of-bounds memory and potentially causing a denial of service. Connected advisories (SUSE-SU-2022:1840-1, 1846-1, 1847-1) reference this CVE as par...

5.5CVSS5.8AI score0.00212EPSS
CVE
CVE
added 2022/05/11 4:23 p.m.105 views

CVE-2021-26378

CVE-2021-26378 is an SMU (System Management Unit) bound-check issue that can cause denial of service by exposing invalid address space. The descriptor in the initial document states only a bound-check deficiency in the SMU leading to DoS, with CVSS v3.1 base score 5.5 (Local, Low privileges requi...

5.5CVSS5.8AI score0.00212EPSS
CVE
CVE
added 2023/03/23 6:50 p.m.105 views

CVE-2023-20558

CVE-2023-20558 involves AMD Secure Processor/SMU SMM code. The root cause is insufficient control flow management in AmdCpmOemSmm, which could allow a privileged attacker to tamper with the SMM handler and escalate privileges. Affected software/hardware: AMD Ryzen 2000 series desktop processors (...

8.8CVSS8.6AI score0.00667EPSS
CVE
CVE
added 2022/05/11 4:27 p.m.97 views

CVE-2021-26373

CVE-2021-26373 involves insufficient bound checks in the System Management Unit (SMU) that can cause a system voltage malfunction and potentially deny resources or service. The connected advisories (SUSE kernel-firmware updates SUSE-SU-2022:1840/1846/1923 and related OpenVAS entries) indicate thi...

5.5CVSS5.9AI score0.00212EPSS
CVE
CVE
added 2022/07/14 7:28 p.m.90 views

CVE-2021-26384

CVE-2021-26384 is a vulnerability described as a malformed System Management Interface (SMI) command that can corrupt the SMI Trigger Info data structure, potentially enabling out-of-bounds memory reads/writes when an SMI is triggered. The AMD ADM/AMD-SB-1027 bulletin lists this CVE among others ...

7.8CVSS7.9AI score0.00203EPSS
CVE
CVE
added 2023/03/23 6:49 p.m.68 views

CVE-2023-20559

The CVE-2023-20559 entry concerns AMD Ryzen 2000-series CPUs with a vulnerability in the System Management Mode (SMM) component. Specifically, insufficient control flow management in AmdCpmGpioInitSmm could allow a privileged attacker to tamper with the SMM handler, potentially leading to privile...

8.8CVSS8.6AI score0.00667EPSS