CVSS: 4.7EPSS: 0%CPEs: 340EXPL: 0CVE-2022-27672 – kernel: AMD: Cross-Thread Return Address Predictions
https://notcve.org/view.php?id=CVE-2022-27672
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. A flaw was found in HW. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch, potentially resulting in information disclosure. • https://security.gentoo.org/glsa/202402-07 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1045 https://access.redhat.com/security/cve/CVE-2022-27672 https://bugzilla.redhat.com/show_bug.cgi?id=2174765 •
CVSS: 6.2EPSS: 0%CPEs: 74EXPL: 0CVE-2021-26390
https://notcve.org/view.php?id=CVE-2021-26390
A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. Una UApp o ABL maliciosa o comprometida puede coaccionar al administrador de arranque para que corrompa la memoria arbitraria, lo que podría conllevar a una pérdida de la integridad de los datos • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 •
CVSS: 6.5EPSS: 0%CPEs: 252EXPL: 0CVE-2021-26341 – hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch
https://notcve.org/view.php?id=CVE-2021-26341
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. Algunas CPUs de AMD pueden ejecutar transitoriamente más allá de las ramas directas no condicionales, lo que puede potencialmente resultar en un filtrado de datos A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. • http://www.openwall.com/lists/oss-security/2022/03/18/2 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026 https://access.redhat.com/security/cve/CVE-2021-26341 https://bugzilla.redhat.com/show_bug.cgi?id=2061703 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.6EPSS: 0%CPEs: 252EXPL: 0CVE-2021-26401 – hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715
https://notcve.org/view.php?id=CVE-2021-26401
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. LFENCE/JMP (mitigación V2-2) puede no mitigar suficientemente CVE-2017-5715 en algunas CPUs AMD A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs. • http://www.openwall.com/lists/oss-security/2022/03/18/2 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036 https://access.redhat.com/security/cve/CVE-2021-26401 https://bugzilla.redhat.com/show_bug.cgi?id=2061700 •