CVSS: 7.2EPSS: 0%CPEs: 96EXPL: 0CVE-2021-46775
https://notcve.org/view.php?id=CVE-2021-46775
09 May 2023 — Improper input validation in ABL may enable an attacker with physical access, to perform arbitrary memory overwrites, potentially leading to a loss of integrity and code execution. Improper input validation in ABL may enable an attacker with physical access, to perform arbitrary memory overwrites, potentially leading to a loss of integrity and code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 96EXPL: 0CVE-2021-46769
https://notcve.org/view.php?id=CVE-2021-46769
09 May 2023 — Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution. Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2021-46764
https://notcve.org/view.php?id=CVE-2021-46764
09 May 2023 — Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service. Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2021-46763
https://notcve.org/view.php?id=CVE-2021-46763
09 May 2023 — Insufficient input validation in the SMU may enable a privileged attacker to write beyond the intended bounds of a shared memory buffer potentially leading to a loss of integrity. Insufficient input validation in the SMU may enable a privileged attacker to write beyond the intended bounds of a shared memory buffer potentially leading to a loss of integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 • CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 96EXPL: 0CVE-2021-46762
https://notcve.org/view.php?id=CVE-2021-46762
09 May 2023 — Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially leading to a loss of integrity or denial of service. Insufficient input validation in the SMU may allow an attacker to corrupt SMU SRAM potentially leading to a loss of integrity or denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 46EXPL: 0CVE-2021-26397
https://notcve.org/view.php?id=CVE-2021-26397
09 May 2023 — Insufficient address validation, may allow an attacker with a compromised ABL and UApp to corrupt sensitive memory locations potentially resulting in a loss of integrity or availability. Insufficient address validation, may allow an attacker with a compromised ABL and UApp to corrupt sensitive memory locations potentially resulting in a loss of integrity or availability. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 •
CVSS: 10.0EPSS: 0%CPEs: 96EXPL: 0CVE-2021-26379
https://notcve.org/view.php?id=CVE-2021-26379
09 May 2023 — Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity and privilege escalation. Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity and privilege escalation. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 •
CVSS: 5.3EPSS: 0%CPEs: 100EXPL: 0CVE-2023-20532
https://notcve.org/view.php?id=CVE-2023-20532
10 Jan 2023 — Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. Una validación de entrada insuficiente en la SMU puede permitir que un atacante bloquee recursos incorrectamente, lo que podría provocar una denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2023-20531
https://notcve.org/view.php?id=CVE-2023-20531
10 Jan 2023 — Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. Las comprobaciones limitadas insuficientes en la SMU pueden permitir que un atacante actualice la SRAM desde/hacia el espacio de direcciones a un valor no válido, lo que podría provocar una denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20530
https://notcve.org/view.php?id=CVE-2023-20530
10 Jan 2023 — Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Una validación de entrada insuficiente de los mensajes del buzón del BIOS en SMU puede provocar lecturas de memoria fuera de los límites, lo que podría provocar una denegación de servicio. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •