Show filters
112 Total Results
Displaying 41-50 of 112
Sort by:
Attacker Value
Unknown

CVE-2023-20532

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20531

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20530

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20529

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20528

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20527

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20525

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-20523

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-26404

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-26403

Disclosure Date: January 11, 2023 (last updated November 08, 2023)
Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >