CVE-2024-21977
- EPSS 0.01%
- Published 05.09.2025 12:58:39
- Last modified 05.09.2025 17:47:10
Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.
CVE-2023-31345
- EPSS 0.02%
- Published 12.02.2025 00:15:08
- Last modified 23.09.2025 22:15:32
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
CVE-2024-56161
- EPSS 0.01%
- Published 03.02.2025 18:15:37
- Last modified 02.04.2025 22:15:17
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AM...
CVE-2023-31356
- EPSS 0.04%
- Published 13.08.2024 17:15:21
- Last modified 11.02.2025 23:15:08
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
CVE-2021-46746
- EPSS 0.02%
- Published 13.08.2024 17:15:17
- Last modified 31.10.2024 14:35:00
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to corrupt the return address, causing a stack-based buffer overrun, potentially leadi...
CVE-2021-46772
- EPSS 0.03%
- Published 13.08.2024 17:15:17
- Last modified 05.11.2024 22:35:01
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corrup...