CVSS: 5.5EPSS: 0%CPEs: 168EXPL: 0CVE-2021-26339
https://notcve.org/view.php?id=CVE-2021-26339
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. Un bug en la lógica del núcleo de la CPU de AMD puede permitir a un atacante, usando un código específico de una máquina virtual no privilegiada, desencadenar un cuelgue del núcleo de la CPU resultando en una potencial denegación de servicio. AMD cree que el código específico incluye una secuencia de instrucciones x86 específica que no sería generada por los compiladores • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028 •
CVSS: 6.5EPSS: 0%CPEs: 252EXPL: 0CVE-2021-26341 – hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch
https://notcve.org/view.php?id=CVE-2021-26341
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. Algunas CPUs de AMD pueden ejecutar transitoriamente más allá de las ramas directas no condicionales, lo que puede potencialmente resultar en un filtrado de datos A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. • http://www.openwall.com/lists/oss-security/2022/03/18/2 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026 https://access.redhat.com/security/cve/CVE-2021-26341 https://bugzilla.redhat.com/show_bug.cgi?id=2061703 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.6EPSS: 0%CPEs: 252EXPL: 0CVE-2021-26401 – hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715
https://notcve.org/view.php?id=CVE-2021-26401
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. LFENCE/JMP (mitigación V2-2) puede no mitigar suficientemente CVE-2017-5715 en algunas CPUs AMD A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs. • http://www.openwall.com/lists/oss-security/2022/03/18/2 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036 https://access.redhat.com/security/cve/CVE-2021-26401 https://bugzilla.redhat.com/show_bug.cgi?id=2061700 •