CVE-2022-23825 – hw: cpu: AMD: Branch Type Confusion (non-retbleed)
https://notcve.org/view.php?id=CVE-2022-23825
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. Los alias en el predictor de bifurcación pueden causar que algunos procesadores AMD predigan el tipo de bifurcación incorrecto, conllevando a una divulgación de información A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. • http://www.openwall.com/lists/oss-security/2022/11/08/1 http://www.openwall.com/lists/oss-security/2022/11/10/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLSRW4LLTAT3CZMOYVNTC7YIYGX3KLED https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K https://lists.fedoraproject.org/archives/list • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-29900 – hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
https://notcve.org/view.php?id=CVE-2022-29900
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Las predicciones de bifurcación mal entrenadas para las instrucciones de retorno pueden permitir la ejecución arbitraria de código especulativo bajo ciertas condiciones dependientes de la microarquitectura A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. • https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM https://security.gentoo.org/glsa/202402-07 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037 https://www.debian.org/security/2022/dsa-5207 https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability https://access.redhat.com/security/cve/CVE-2022-29900 https • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2022-23823
https://notcve.org/view.php?id=CVE-2022-23823
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. Una vulnerabilidad potencial en algunos procesadores AMD que usan el escalado de frecuencia puede permitir a un atacante autenticado ejecutar un ataque de tiempo para permitir potencialmente la divulgación de información • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1038 • CWE-203: Observable Discrepancy •
CVE-2021-26386
https://notcve.org/view.php?id=CVE-2021-26386
A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution. Un atacante puede usar una UApp o ABL maliciosa o comprometida para emitir una llamada al sistema malformada al cargador de arranque de la fase 2, conllevando potencialmente a una corrupción de la memoria y una ejecución de código • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 • CWE-787: Out-of-bounds Write •
CVE-2021-26317
https://notcve.org/view.php?id=CVE-2021-26317
Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution. Una falta de verificación del protocolo en el SMM podría permitir a un atacante controlar el protocolo y modificar la flash SPI, resultando en una potencial ejecución de código arbitrario • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 •