Amd: Security Vulnerabilities
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-06-07
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-25
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-02-27
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-02-27
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-02-27
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue.
CVSS Score
4.7
EPSS Score
0.013
Published
2013-11-29
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.
CVSS Score
7.2
EPSS Score
0.0
Published
2008-09-05
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
CVSS Score
4.9
EPSS Score
0.001
Published
2008-05-08
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.
CVSS Score
4.7
EPSS Score
0.001
Published
2007-10-23
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
CVSS Score
6.9
EPSS Score
0.0
Published
2007-08-13