Skip to main content

Epyc 9124 Firmware

6 CVEs product

Monthly

CVE-2024-21980 HIGH This Week

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Epyc 7203 Firmware Epyc 7203P Firmware Epyc 72F3 Firmware Epyc 7303 Firmware +82
NVD
CVSS 3.1
7.9
EPSS
0.4%
CVE-2024-21978 HIGH This Week

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Epyc 7203 Firmware Epyc 7203P Firmware Epyc 72F3 Firmware Epyc 7303 Firmware +82
NVD
CVSS 3.1
7.9
EPSS
0.5%
CVE-2023-20573 LOW Monitor

A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Epyc 7763 Firmware Epyc 7713P Firmware Epyc 7713 Firmware Epyc 7663P Firmware +61
NVD
CVSS 3.1
3.2
EPSS
0.1%
CVE-2023-20566 HIGH This Week

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Epyc 7763 Firmware Epyc 7713P Firmware Epyc 7713 Firmware Epyc 7663P Firmware +61
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-20569 MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora Debian Linux Ryzen 9 5950X Firmware +152
NVD
CVSS 3.1
4.7
EPSS
6.2%
CVE-2023-20575 MEDIUM This Month

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Amd Information Disclosure Epyc 7251 Firmware Epyc 7281 Firmware Epyc 7301 Firmware +85
NVD
CVSS 3.1
6.5
EPSS
0.8%
EPSS 0% CVSS 7.9
HIGH This Week

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Epyc 7203 Firmware Epyc 7203P Firmware +84
NVD
EPSS 0% CVSS 7.9
HIGH This Week

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Epyc 7203 Firmware Epyc 7203P Firmware +84
NVD
EPSS 0% CVSS 3.2
LOW Monitor

A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Epyc 7763 Firmware Epyc 7713P Firmware +63
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Epyc 7763 Firmware Epyc 7713P Firmware +63
NVD
EPSS 6% CVSS 4.7
MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora +154
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Amd Information Disclosure Epyc 7251 Firmware +87
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy