Amd: >> Ryzen 3100 Firmware >> renoirpi-fp6_1.0.0.8 Security Vulnerabilities
Improper syscall input validation in AMD TEE
(Trusted Execution Environment) may allow an attacker with physical access and
control of a Uapp that runs under the bootloader to reveal the contents of the
ASP (AMD Secure Processor) bootloader accessible memory to a serial port,
resulting in a potential loss of integrity.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-05-09
Insufficient input validation in ABL may enable
a privileged attacker to corrupt ASP memory, potentially resulting in a loss of
integrity or code execution.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-05-09
Failure to validate the length fields of the ASP
(AMD Secure Processor) sensor fusion hub headers may allow an attacker with a
malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite
data structures leading to a potential loss of confidentiality and integrity.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-05-09
Insufficient bounds checking in ASP (AMD Secure
Processor) may allow for an out of bounds read in SMI (System Management
Interface) mailbox checksum calculation triggering a data abort, resulting in a
potential denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-09