CVE-2024-21981
https://notcve.org/view.php?id=CVE-2024-21981
Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2021-46746
https://notcve.org/view.php?id=CVE-2021-46746
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2021-26387
https://notcve.org/view.php?id=CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html • CWE-863: Incorrect Authorization •
CVE-2021-26344
https://notcve.org/view.php?id=CVE-2021-26344
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html •
CVE-2023-31315 – hw: amd: SMM Lock Bypass
https://notcve.org/view.php?id=CVE-2023-31315
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. A flaw was found in hw. Improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html https://access.redhat.com/security/cve/CVE-2023-31315 https://bugzilla.redhat.com/show_bug.cgi?id=2279283 • CWE-94: Improper Control of Generation of Code ('Code Injection') •