Filtered by vendor Amd
Subscriptions
Filtered by product Epyc 7f32 Firmware
Subscriptions
Total
70 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-26341 | 2 Amd, Redhat | 255 A10-9600p, A10-9600p Firmware, A10-9630p and 252 more | 2024-09-16 | 6.5 Medium |
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. | ||||
CVE-2022-29900 | 5 Amd, Debian, Fedoraproject and 2 more | 253 A10-9600p, A10-9600p Firmware, A10-9630p and 250 more | 2024-09-16 | 6.5 Medium |
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. | ||||
CVE-2021-26372 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-09-16 | 5.5 Medium |
Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | ||||
CVE-2021-26321 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-09-16 | 5.5 Medium |
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP. | ||||
CVE-2020-12954 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-09-16 | 5.5 Medium |
A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification. | ||||
CVE-2021-26320 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-09-16 | 5.5 Medium |
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP | ||||
CVE-2021-26335 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-09-16 | 7.8 High |
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. | ||||
CVE-2021-26330 | 1 Amd | 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more | 2024-09-16 | 5.5 Medium |
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. | ||||
CVE-2021-26376 | 1 Amd | 167 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 164 more | 2024-09-16 | 5.5 Medium |
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service. | ||||
CVE-2021-26312 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-09-16 | 5.5 Medium |
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | ||||
CVE-2022-23825 | 5 Amd, Debian, Fedoraproject and 2 more | 253 A10-9600p, A10-9600p Firmware, A10-9630p and 250 more | 2024-09-16 | 6.5 Medium |
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | ||||
CVE-2021-26336 | 1 Amd | 190 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 187 more | 2024-09-16 | 5.5 Medium |
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components. | ||||
CVE-2020-12944 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2024-09-16 | 7.8 High |
Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution. | ||||
CVE-2020-12988 | 1 Amd | 122 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 119 more | 2024-09-16 | 7.5 High |
A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted. | ||||
CVE-2021-26373 | 1 Amd | 175 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 172 more | 2024-09-16 | 5.5 Medium |
Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service. | ||||
CVE-2021-26340 | 1 Amd | 210 Epyc 7001, Epyc 7001 Firmware, Epyc 7232p and 207 more | 2024-09-16 | 8.4 High |
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM). | ||||
CVE-2021-46769 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2024-08-04 | 8.8 High |
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution. | ||||
CVE-2021-46775 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2024-08-04 | 6.8 Medium |
Improper input validation in ABL may enable an attacker with physical access, to perform arbitrary memory overwrites, potentially leading to a loss of integrity and code execution. | ||||
CVE-2021-46774 | 1 Amd | 274 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 271 more | 2024-08-04 | 6.7 Medium |
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. | ||||
CVE-2021-46763 | 1 Amd | 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more | 2024-08-04 | 7.5 High |
Insufficient input validation in the SMU may enable a privileged attacker to write beyond the intended bounds of a shared memory buffer potentially leading to a loss of integrity. |