Kategori: NIST-Güvenlik Açıkları

CVE-2021-26355

Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in a potential denial-of-service.…

Devamını oku

CVE-2021-26398

Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS…

Devamını oku

CVE-2021-26402

Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM…

Devamını oku

CVE-2021-26403

Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure. Zafiyet ile ilgili Genel Bilgi, Etki…

Devamını oku

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM…

Devamını oku

CVE-2021-26343

Insufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software to disclose the contents of sensitive memory which may result in…

Devamını oku

CVE-2021-26346

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory…

Devamını oku