Vulnerabilidades en AMD
443 resultadosCVE-2021-26370—Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allEPSS 0.2%CVE-2024-21966HIGHA DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resultiEPSS 0.2%CVE-2020-12946—Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.EPSS 0.2%CVE-2021-46778—Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” EPSS 0.2%CVE-2024-21949MEDIUMImproper validation of user input in the NPU driver could allow an attacker to provide a buffer with unexpected size, potentially leading toEPSS 0.2%CVE-2021-26352—Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space thaEPSS 0.2%CVE-2021-26342—In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includEPSS 0.2%CVE-2021-26375—Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address spaEPSS 0.2%CVE-2021-26348—Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory iEPSS 0.2%CVE-2021-26360HIGHAn attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This couEPSS 0.2%CVE-2021-26346MEDIUMFailure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in tEPSS 0.2%CVE-2021-26373—Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resoEPSS 0.2%CVE-2021-26372—Insufficient bound checks related to PCIE in the System Management Unit (SMU) may result in access to an invalid address space that could reEPSS 0.2%CVE-2021-26376—Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resouEPSS 0.2%CVE-2021-26325—Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.EPSS 0.2%CVE-2021-26329—AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss EPSS 0.2%CVE-2021-26330—AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.EPSS 0.2%CVE-2021-26398HIGHInsufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AEPSS 0.2%CVE-2021-26388—Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memoEPSS 0.2%CVE-2021-26378—Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial oEPSS 0.2%