2023-01-11
|
CVE-2023-20529
|
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service.
|
Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7743_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.5
|
|
|
2023-01-11
|
CVE-2023-20530
|
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.
|
Epyc_7003_firmware, Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7743_firmware, Epyc_7763_firmware, Epyc_7773x_firmware
|
7.5
|
|
|
2023-01-11
|
CVE-2023-20531
|
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service.
|
Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7743_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.5
|
|
|
2023-01-11
|
CVE-2023-20532
|
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
|
Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7743_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
5.3
|
|
|
2023-05-09
|
CVE-2021-26354
|
Insufficient bounds checking in ASP may allow an
attacker to issue a system call from a compromised ABL which may cause
arbitrary memory values to be initialized to zero, potentially leading to a
loss of integrity.
|
Amd_3015ce_firmware, Amd_3015e_firmware, Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware, Ryzen_3_1200_af_firmware, Ryzen_3_2200g_firmware, Ryzen_3_2200ge_firmware, Ryzen_3_2200u_firmware, Ryzen_3_2300u_firmware, Ryzen_3_2300x_firmware, Ryzen_3_3100_firmware, Ryzen_3_3200u_firmware, Ryzen_3_3250c_firmware, Ryzen_3_3250u_firmware, Ryzen_3_3300u_firmware, Ryzen_3_3300x_firmware, Ryzen_3_3350u_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5300u_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_pro_2100ge_firmware, Ryzen_5_1600_af_firmware, Ryzen_5_2400g_firmware, Ryzen_5_2400ge_firmware, Ryzen_5_2500u_firmware, Ryzen_5_2500x_firmware, Ryzen_5_2600_firmware, Ryzen_5_2600e_firmware, Ryzen_5_2600h_firmware, Ryzen_5_2600x_firmware, Ryzen_5_3450u_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500c_firmware, Ryzen_5_3500u_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3550h_firmware, Ryzen_5_3580u_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500u_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5600x_firmware, Ryzen_5_5625u_firmware, Ryzen_7_2700_firmware, Ryzen_7_2700e_firmware, Ryzen_7_2700u_firmware, Ryzen_7_2700x_firmware, Ryzen_7_2800h_firmware, Ryzen_7_3700c_firmware, Ryzen_7_3700u_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3750h_firmware, Ryzen_7_3780u_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5700u_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5800x3d_firmware, Ryzen_7_5800x_firmware, Ryzen_7_5825u_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3900xt_firmware, Ryzen_9_3950x_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_threadripper_2920x_firmware, Ryzen_threadripper_2950x_firmware, Ryzen_threadripper_2970wx_firmware, Ryzen_threadripper_2990wx_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware
|
5.5
|
|
|
2023-05-09
|
CVE-2021-26356
|
A TOCTOU in ASP bootloader may allow an attacker
to tamper with the SPI ROM following data read to memory potentially resulting
in S3 data corruption and information disclosure.
|
Epyc_7001_firmware, Epyc_7002_firmware, Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_7373x_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware, Ryzen_3_3100_firmware, Ryzen_3_3300x_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_5500_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600x_firmware, Ryzen_7_3700xt_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800x3d_firmware, Ryzen_7_5800x_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3950x_firmware, Ryzen_9_3950xt_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware
|
7.4
|
|
|
2023-05-09
|
CVE-2021-26371
|
A compromised or malicious ABL or UApp could
send a SHA256 system call to the bootloader, which may result in exposure of
ASP memory to userspace, potentially leading to information disclosure.
|
Amd_3015ce_firmware, Amd_3015e_firmware, Epyc_7001_firmware, Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware, Ryzen_3_2200g_firmware, Ryzen_3_2200ge_firmware, Ryzen_3_2200u_firmware, Ryzen_3_2300u_firmware, Ryzen_3_3100_firmware, Ryzen_3_3200u_firmware, Ryzen_3_3250c_firmware, Ryzen_3_3250u_firmware, Ryzen_3_3300u_firmware, Ryzen_3_3300x_firmware, Ryzen_3_3350u_firmware, Ryzen_3_pro_2100ge_firmware, Ryzen_5_2400g_firmware, Ryzen_5_2400ge_firmware, Ryzen_5_2500u_firmware, Ryzen_5_2600h_firmware, Ryzen_5_3450u_firmware, Ryzen_5_3500_firmware, Ryzen_5_3500c_firmware, Ryzen_5_3500u_firmware, Ryzen_5_3500x_firmware, Ryzen_5_3550h_firmware, Ryzen_5_3580u_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_5500_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600x_firmware, Ryzen_7_2700u_firmware, Ryzen_7_2800h_firmware, Ryzen_7_3700c_firmware, Ryzen_7_3700u_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3750h_firmware, Ryzen_7_3780u_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800x3d_firmware, Ryzen_7_5800x_firmware, Ryzen_9_3900_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3900xt_firmware, Ryzen_9_3950x_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware
|
5.5
|
|
|
2023-05-09
|
CVE-2021-26379
|
Insufficient input validation of mailbox data in the
SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially
leading to a loss of integrity and privilege escalation.
|
Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
9.8
|
|
|
2023-05-09
|
CVE-2021-26397
|
Insufficient address validation, may allow an
attacker with a compromised ABL and UApp to corrupt sensitive memory locations
potentially resulting in a loss of integrity or availability.
|
Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware
|
7.1
|
|
|
2023-05-09
|
CVE-2021-46762
|
Insufficient input validation in the SMU may
allow an attacker to corrupt SMU SRAM potentially leading to a loss of
integrity or denial of service.
|
Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
9.1
|
|
|