CVE-2025-0031
- EPSS 0.02%
- Published 10.02.2026 19:14:58
- Last modified 10.02.2026 21:51:48
A use after free in the SEV firmware could allow a malicious hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.
- EPSS 0.02%
- Published 10.02.2026 19:14:22
- Last modified 10.02.2026 21:51:48
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.
CVE-2025-29939
- EPSS 0.02%
- Published 10.02.2026 19:11:59
- Last modified 10.02.2026 21:51:48
Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentialit...
CVE-2025-52536
- EPSS 0.02%
- Published 10.02.2026 19:09:04
- Last modified 10.02.2026 21:51:48
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
CVE-2024-21977
- EPSS 0.01%
- Published 05.09.2025 12:58:39
- Last modified 05.09.2025 17:47:10
Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.
CVE-2023-31345
- EPSS 0.03%
- Published 12.02.2025 00:15:08
- Last modified 23.09.2025 22:15:32
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
CVE-2024-56161
- EPSS 0.08%
- Published 03.02.2025 18:15:37
- Last modified 02.04.2025 22:15:17
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AM...
CVE-2023-31356
- EPSS 0.03%
- Published 13.08.2024 17:15:21
- Last modified 11.02.2025 23:15:08
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
CVE-2021-46746
- EPSS 0.03%
- Published 13.08.2024 17:15:17
- Last modified 31.10.2024 14:35:00
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to corrupt the return address, causing a stack-based buffer overrun, potentially leadi...
CVE-2021-46772
- EPSS 0.03%
- Published 13.08.2024 17:15:17
- Last modified 05.11.2024 22:35:01
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corrup...