📦 Epyc 7402 Firmware

This vulnerability in AMD Secure Processor bootloader allows attackers with malicious user applications or ABL to send malformed syscalls, potentially causing denial of service and integrity loss. It ...

This vulnerability in AMD ASP Bootloader allows attackers to corrupt return addresses via stack-based buffer overflows, potentially leading to arbitrary code execution. It affects systems with vulnera...

This vulnerability allows an attacker to corrupt SMRAM (System Management RAM) by exploiting insufficient input validation in the SMU (System Management Unit) mailbox data. It can lead to privilege es...

This CVE describes a TOCTOU (Time-Of-Check-Time-Of-Use) vulnerability in AMD System Management Mode (SMM) that could allow an attacker with ring0 privileges and BIOS/UEFI access to modify communicatio...

This vulnerability allows a privileged attacker to write beyond intended memory bounds in AMD's System Management Unit (SMU), potentially compromising system integrity. It affects systems with vulnera...

This vulnerability allows a privileged attacker to bypass syscall input validation in AMD's ASP Bootloader, enabling arbitrary DMA copies that can lead to code execution. It affects systems with vulne...

This vulnerability is a Time-of-Check Time-of-Use (TOCTOU) race condition in AMD's ASP bootloader that allows an attacker to tamper with SPI ROM data after it's been read to memory. This can lead to S...

This vulnerability in AMD's Secure Encrypted Virtualization (SEV) and SEV-ES technology allows insufficient validation of Owner's Certificate Authority certificates, potentially causing a host crash a...

This AMD firmware vulnerability allows attackers with local access to overwrite bootloader memory by exploiting improper address validation in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTR...

This vulnerability in AMD SEV-legacy firmware allows insufficient validation of elliptic curve points during guest migration. Attackers could potentially compromise guest integrity or confidentiality ...

This vulnerability in AMD System Management Unit (SMU) allows a malicious user to manipulate mailbox entries, potentially leading to arbitrary code execution. It affects AMD processors with vulnerable...

This vulnerability allows attackers to execute arbitrary code by exploiting insufficient validation of BIOS image length in AMD ASP Firmware. It affects systems with vulnerable AMD processors and firm...

A race condition vulnerability in AMD's ASP firmware allows less privileged x86 code to perform System Management Mode operations. This affects AMD processors with vulnerable firmware versions, potent...

This vulnerability in AMD's Platform Security Processor (PSP) allows attackers to manipulate privileged registers on the System Management Network, potentially bypassing SPI ROM protections. This affe...

This vulnerability in AMD platform security processors (PSP) allows potential recovery of encrypted private keys due to insufficient initialization vector (IV) randomness. Attackers could decrypt plat...

CVE-2021-26338 is an improper access control vulnerability in AMD's System Management Unit (SMU) that allows attackers to override performance control tables in DRAM. This could lead to denial of serv...

This vulnerability in AMD integrated chipsets allows a malicious attacker to cause a denial of service by hanging the system during reboot. It affects systems with vulnerable AMD chipsets, potentially...