CVSS: 6.5EPSS: 0%CPEs: 277EXPL: 1CVE-2023-4969 – GPU kernel implementations susceptible to memory leak
https://notcve.org/view.php?id=CVE-2023-4969
16 Jan 2024 — A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures. Un kernel de GPU puede leer datos confidenciales de otro kernel de GPU (incluso de otro usuario o aplicación) a través de una región de memoria de GPU optimizada llamada _local memory_ en varias arquitecturas. • https://blog.trailofbits.com • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 10.0EPSS: 0%CPEs: 128EXPL: 0CVE-2023-20596
https://notcve.org/view.php?id=CVE-2023-20596
14 Nov 2023 — Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. Una validación de entrada incorrecta en SMM Supervisor puede permitir que un atacante con un controlador SMI comprometido obtenga acceso a Ring0, lo que podría conducir a la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011 •
CVSS: 8.1EPSS: 0%CPEs: 144EXPL: 0CVE-2023-20571
https://notcve.org/view.php?id=CVE-2023-20571
14 Nov 2023 — A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Una condición de ejecución en el código de System Management Mode (SMM) puede permitir que un atacante que utilice un espacio de usuario comprometido aproveche CVE-2018-8897, lo que podría generar una escalada de privilegios. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 144EXPL: 0CVE-2023-20565
https://notcve.org/view.php?id=CVE-2023-20565
14 Nov 2023 — Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Las protecciones insuficientes en el código del System Management Mode (SMM) pueden permitir que un atacante habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 144EXPL: 0CVE-2023-20563
https://notcve.org/view.php?id=CVE-2023-20563
14 Nov 2023 — Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Las protecciones insuficientes en el código del System Management Mode (SMM) pueden permitir que un atacante habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 305EXPL: 0CVE-2023-39281
https://notcve.org/view.php?id=CVE-2023-39281
01 Nov 2023 — A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. Una vulnerabilidad de desbordamiento del búfer de pila descubierta en AsfSecureBootDxe en Insyde InsydeH2O con kernel 5.0 a 5.5 permite a los atacantes ejecutar código arbitrario durante la fase DXE. • https://www.insyde.com/security-pledge • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 110EXPL: 1CVE-2023-20598
https://notcve.org/view.php?id=CVE-2023-20598
17 Oct 2023 — An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution. Una gestión de privilegios inadecuada en el controlador de gráficos AMD Radeon™ puede permitir que un atacante autenticado cree una solicitud IOCTL para obtener control de E/S sobre puertos de hardware o direcciones físicas arbitrarias, lo que resulta en una ... • https://github.com/H4rk3nz0/CVE-2023-20598-PDFWKRNL • CWE-269: Improper Privilege Management •
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 2CVE-2023-44216
https://notcve.org/view.php?id=CVE-2023-44216
26 Sep 2023 — PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. PVRIC (PowerVR Image Compression) en Imagination 2018 y dispositivos GPU posteriores ofrece compresión tr... • https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 264EXPL: 0CVE-2023-20555
https://notcve.org/view.php?id=CVE-2023-20555
08 Aug 2023 — Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure
https://notcve.org/view.php?id=CVE-2023-20569
08 Aug 2023 — A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. Una vulnerabilidad de canal lateral en algunas de las CPU de AMD puede permitir que un atacante influya en la predicción de la dirección de retorno. Esto puede dar lugar a una ejecución especulativa en una dirección controlada por el atacante, lo que podría conducir a l... • http://www.openwall.com/lists/oss-security/2023/08/08/4 • CWE-203: Observable Discrepancy •