Epyc_7773x_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Epyc_7773x_firmware
(Amd)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	71

Date	Id	Summary	Products	Score	Patch	Annotated
2023-05-09	CVE-2022-23818	Insufficient input validation on the model specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest memory integrity.	Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware	7.5
2023-05-09	CVE-2023-20524	An attacker with a compromised ASP could possibly send malformed commands to an ASP on another CPU, resulting in an out of bounds write, potentially leading to a loss a loss of integrity.	Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware	7.5
2023-05-09	CVE-2021-46756	Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity.	Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_7571_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware	9.1
2024-08-13	CVE-2021-26344	An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.	Epyc_7001_firmware, Epyc_7203_firmware, Epyc_7203p_firmware, Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7303_firmware, Epyc_7303p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7643p_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7663p_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware	8.2
2024-08-13	CVE-2023-20584	IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.	Epyc_7203_firmware, Epyc_7203p_firmware, Epyc_72f3_firmware, Epyc_7303_firmware, Epyc_7303p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7643p_firmware, Epyc_7663_firmware, Epyc_7663p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_8024p_firmware, Epyc_8024pn_firmware, Epyc_8124p_firmware, Epyc_8124pn_firmware, Epyc_8224p_firmware, Epyc_8224pn_firmware, Epyc_8324p_firmware, Epyc_8324pn_firmware, Epyc_8434p_firmware, Epyc_8434pn_firmware, Epyc_8534p_firmware, Epyc_8534pn_firmware, Epyc_9124_firmware, Epyc_9174f_firmware, Epyc_9184x_firmware, Epyc_9224_firmware, Epyc_9254_firmware, Epyc_9274f_firmware, Epyc_9334_firmware, Epyc_9354_firmware, Epyc_9354p_firmware, Epyc_9374f_firmware, Epyc_9384x_firmware, Epyc_9454_firmware, Epyc_9454p_firmware, Epyc_9474f_firmware, Epyc_9534_firmware, Epyc_9554_firmware, Epyc_9554p_firmware, Epyc_9634_firmware, Epyc_9654_firmware, Epyc_9654p_firmware, Epyc_9684x_firmware, Epyc_9734_firmware, Epyc_9754_firmware, Epyc_9754s_firmware	6.0
2024-08-13	CVE-2023-20591	Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.	Epyc_7203_firmware, Epyc_7203p_firmware, Epyc_72f3_firmware, Epyc_7303_firmware, Epyc_7303p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7643p_firmware, Epyc_7663_firmware, Epyc_7663p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_8024p_firmware, Epyc_8024pn_firmware, Epyc_8124p_firmware, Epyc_8124pn_firmware, Epyc_8224p_firmware, Epyc_8224pn_firmware, Epyc_8324p_firmware, Epyc_8324pn_firmware, Epyc_8434p_firmware, Epyc_8434pn_firmware, Epyc_8534p_firmware, Epyc_8534pn_firmware, Epyc_9124_firmware, Epyc_9174f_firmware, Epyc_9184x_firmware, Epyc_9224_firmware, Epyc_9254_firmware, Epyc_9274f_firmware, Epyc_9334_firmware, Epyc_9354_firmware, Epyc_9354p_firmware, Epyc_9374f_firmware, Epyc_9384x_firmware, Epyc_9454_firmware, Epyc_9454p_firmware, Epyc_9474f_firmware, Epyc_9534_firmware, Epyc_9554_firmware, Epyc_9554p_firmware, Epyc_9634_firmware, Epyc_9654_firmware, Epyc_9654p_firmware, Epyc_9684x_firmware, Epyc_9734_firmware, Epyc_9754_firmware, Epyc_9754s_firmware	10.0
2022-05-10	CVE-2021-26324	A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.	Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware	7.8
2022-05-10	CVE-2021-26332	Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.	Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware	7.1
2022-05-10	CVE-2021-26353	Failure to validate inputs in SMM may allow an attacker to create a mishandled error leaving the DRTM UApp in a partially initialized state potentially resulting in loss of memory integrity.	Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware	7.8
2022-05-10	CVE-2021-26370	Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability.	Epyc_7002_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware	7.1