CVE-2023-20567
https://notcve.org/view.php?id=CVE-2023-20567
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution. La verificación inadecuada de la firma del controlador RadeonTM RX Vega M Graphics para Windows puede permitir que un atacante con privilegios de administrador inicie AMDSoftwareInstaller.exe sin validar la firma del archivo, lo que podría provocar la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2021-46748
https://notcve.org/view.php?id=CVE-2021-46748
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service. Una verificación de límites insuficiente en el ASP (AMD Secure Processor) puede permitir que un atacante acceda a la memoria fuera de los límites de lo permitido para una TA (Trusted Application), lo que resulta en una posible denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-20588 – Speculative Leaks
https://notcve.org/view.php?id=CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Un error de división por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una pérdida de confidencialidad. • http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023 • CWE-369: Divide By Zero •
CVE-2023-20589 – fTPM Voltage Fault Injection
https://notcve.org/view.php?id=CVE-2023-20589
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4005 •
CVE-2021-26365
https://notcve.org/view.php?id=CVE-2021-26365
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •