Amd: Security Vulnerabilities
Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-16
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-16
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-16
Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-16
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-11-16
AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-16
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-11-16
Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-11-15
Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.
CVSS Score
7.1
EPSS Score
0.001
Published
2021-11-15
Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-11-15