Epyc 7003 Firmware
Monthly
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.