Page 49 of 279 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access. Una vulnerabilidad potencial en la extensión de AMD para el servicio "hwmon" de Linux puede permitir a un atacante utilizar la interfaz RAPL (Running Average Power Limit) basada en Linux para mostrar varios ataques de canal lateral. De acuerdo con los socios de la industria, AMD ha actualizado la interfaz RAPL para requerir acceso privilegiado • https://www.amd.com/en/corporate/product-security • CWE-203: Observable Discrepancy CWE-749: Exposed Dangerous Method or Function •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device. Es posible que el software de referencia Trusted Platform Modules (TPM) no rastree correctamente la cantidad de veces que ocurre un apagado fallido. • https://www.amd.com/en/corporate/product-security • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a non-privileged account. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad del manejador D3DKMTCreateAllocation de AMD ATIKMDAG.SYS (por ejemplo, versión 26.20.15029.27017). Una petición de la API de D3DKMTCreateAllocation especialmente diseñada puede causar una lectura fuera de límites y una denegación de servicio (BSOD). • https://www.amd.com/en/corporate/product-security • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system. Una vulnerabilidad en un controlador AMD cargado dinámicamente en AMD Ryzen Master versión V15, puede permitir a cualquier usuario autenticado escalar privilegios a NT authority system • https://www.amd.com/en/corporate/product-security • CWE-749: Exposed Dangerous Method or Function •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTEscape API request can cause an out-of-bounds read in Windows OS kernel memory area. This vulnerability can be triggered from a non-privileged account. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad del manejador D3DKMTEscape de AMD ATIKMDAG.SYS (por ejemplo, versión 26.20.15029.27017). Una petición de la API de D3DKMTEscape especialmente diseñada puede causar una lectura fuera de límites en el área de memoria del kernel del Sistema Operativo Windows. • https://www.amd.com/en/corporate/product-security • CWE-125: Out-of-bounds Read •