Summary
Detail | |||
---|---|---|---|
Vendor | Amd | First view | 2023-07-11 |
Product | Epyc 9754 Firmware | Last view | 2024-01-11 |
Version | Type | Os | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:* | 7 |
cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:* | 5 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
3.2 | 2024-01-11 | CVE-2023-20573 | A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. |
7.5 | 2023-11-14 | CVE-2023-20566 | Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. |
5.3 | 2023-11-14 | CVE-2022-23830 | SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. |
7.5 | 2023-11-14 | CVE-2021-46774 | Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service. |
5.5 | 2023-11-14 | CVE-2021-46766 | Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality. |
4.9 | 2023-11-14 | CVE-2021-26345 | Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service. |
6.5 | 2023-07-11 | CVE-2023-20575 | A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-459 | Incomplete Cleanup |
33% (1) | CWE-203 | Information Exposure Through Discrepancy |
33% (1) | CWE-125 | Out-of-bounds Read |