Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:amd:epyc_7401p_firmware:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-26341 |
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. Published: March 11, 2022; 1:15:10 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-12966 |
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor. Published: February 04, 2022; 6:15:10 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-26340 |
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior inside the virtual machine (VM). Published: December 10, 2021; 5:15:08 PM -0500 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0: 3.6 LOW |
CVE-2021-26335 |
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. Published: November 16, 2021; 2:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-26331 |
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution. Published: November 16, 2021; 2:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-26330 |
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Published: November 16, 2021; 2:15:08 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-12954 |
A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification. Published: November 16, 2021; 2:15:07 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-12951 |
Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations. Published: November 16, 2021; 2:15:07 PM -0500 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0: 4.4 MEDIUM |
CVE-2020-12988 |
A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted. Published: June 11, 2021; 6:15:11 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |