2021-11-16
|
CVE-2021-26312
|
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
|
Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
5.5
|
|
|
2021-11-16
|
CVE-2021-26322
|
Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
|
Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.5
|
|
|
2021-11-16
|
CVE-2021-26329
|
AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources.
|
Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
5.5
|
|
|
2021-11-16
|
CVE-2021-26336
|
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components.
|
Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Ryzen_3_3100_firmware, Ryzen_3_3300g_firmware, Ryzen_3_3300x_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425c_firmware, Ryzen_3_5425u_firmware, Ryzen_5_3400g_firmware, Ryzen_5_3450g_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5600x_firmware, Ryzen_5_5625c_firmware, Ryzen_5_5625u_firmware, Ryzen_5_5700g_firmware, Ryzen_5_5700ge_firmware, Ryzen_7_3800x_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5825c_firmware, Ryzen_7_5825u_firmware, Ryzen_9_3900x_firmware, Ryzen_9_3950x_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_threadripper_1900x_firmware, Ryzen_threadripper_1920x_firmware, Ryzen_threadripper_1950x_firmware, Ryzen_threadripper_2920x_firmware, Ryzen_threadripper_2950x_firmware, Ryzen_threadripper_2970wx_firmware, Ryzen_threadripper_2990wx_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3975wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware
|
5.5
|
|
|
2021-11-16
|
CVE-2021-26338
|
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources.
|
Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.5
|
|
|
2021-11-16
|
CVE-2020-12944
|
Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution.
|
Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.8
|
|
|
2021-11-16
|
CVE-2020-12951
|
Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.
|
Epyc_7001_firmware, Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware
|
7.0
|
|
|
2021-11-16
|
CVE-2020-12946
|
Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.
|
Epyc_7232p_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7352_firmware, Epyc_73f3_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
7.1
|
|
|
2021-11-16
|
CVE-2020-12954
|
A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification.
|
Epyc_7001_firmware, Epyc_7002_firmware, Epyc_7003_firmware, Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware
|
5.5
|
|
|
2021-11-16
|
CVE-2021-26320
|
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP
|
Epyc_7232p_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_72f3_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_73f3_firmware, Epyc_7401_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7453_firmware, Epyc_74f3_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7513_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_75f3_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7643_firmware, Epyc_7662_firmware, Epyc_7663_firmware, Epyc_7702_firmware, Epyc_7702p_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7742_firmware, Epyc_7763_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware
|
5.5
|
|
|