Show filters
15 Total Results
Displaying 11-15 of 15
Sort by:
Attacker Value
Unknown
CVE-2022-23817
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
0
Attacker Value
Unknown
CVE-2021-46746
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, causing a
stack-based buffer overrun, potentially leading to a denial of service.
0
Attacker Value
Unknown
CVE-2021-26387
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
0
Attacker Value
Unknown
CVE-2023-31315
Disclosure Date: August 12, 2024 (last updated August 13, 2024)
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
0
Attacker Value
Unknown
CVE-2022-23829
Disclosure Date: June 18, 2024 (last updated June 19, 2024)
A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.
0