7 matches found
CVE-2021-26318
CVE-2021-26318 corresponds to a timing and power-based side-channel issue on some AMD CPUs that could potentially leak kernel address space information via the x86 PREFETCH instruction. Affected software/hardware: all AMD CPUs (per AMD: Side-channels Related to the x86 PREFETCH Instruction). Root...
CVE-2018-8932
The CVE-2018-8932 issue concerns AMD Ryzen/Ryzen Pro processors with insufficient access control in the Secure Processor (RYZENFALL-2/3/4). The available connected documents confirm a processor-embedded access-control weakness rather than a software-only flaw. Root cause: inadequate enforcement w...
CVE-2018-8935
The CVE-2018-8935 entry concerns the Promontory chipset used in AMD Ryzen and Ryzen Pro platforms, where an ASIC backdoor (CHIMERA-HW) is described. The connected documents reiterate the root cause as a backdoor in the ASIC of the Promontory chipset, affecting Ryzen/Ryzen Pro systems. The materia...
CVE-2018-8931
CVE-2018-8931 concerns AMD Ryzen/Ryzen Pro/Ryzen Mobile chips with insufficient access control on the Secure Processor (RYZENFALL-1). The connected sources confirm this as a hardware/software security issue affecting multiple Ryzen family parts and firmware/BIOS vectors. The IBM Power/OPAL firmwa...
CVE-2018-8936
The CVE-2018-8936 entry concerns AMD processors (EPYC Server, Ryzen, Ryzen Pro, Ryzen Mobile) where the Platform Security Processor (PSP) enables privilege escalation. The connected documents corroborate that this is a PSP-based elevation issue affecting multiple Ryzen-family products. Specifics ...
CVE-2018-8934
CVE-2018-8934 covers a backdoor in the firmware of the Promontory chipset used in AMD Ryzen/Ryzen Pro platforms (aka CHIMERA-FW). The issue stems from a firmware backdoor in Promontory, with documented risk perceptions in multiple sources, and a CVSS3 score indicating CRITICAL impact across confi...
CVE-2018-8930
CVE-2018-8930 concerns AMD EPYC Server, Ryzen, Ryzen Pro and Ryzen Mobile processors with insufficient enforcement of Hardware Validated Boot (MASTERKEY-1/MASTERKEY-2/MASTERKEY-3). Public sources consistently identify the affected products and the root cause as weak validation of boot hardware, e...