Vulnerabilities (CVE)

Filtered by vendor Amd Subscribe
Filtered by product Epyc 72f3
Total 90 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26331 1 Amd 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more 2024-02-28 7.2 HIGH 7.8 HIGH
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution.
CVE-2021-26329 1 Amd 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more 2024-02-28 2.1 LOW 5.5 MEDIUM
AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources.
CVE-2021-26338 1 Amd 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more 2024-02-28 7.8 HIGH 7.5 HIGH
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources.
CVE-2020-12966 1 Amd 214 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 211 more 2024-02-28 2.1 LOW 5.5 MEDIUM
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor.
CVE-2021-26327 1 Amd 40 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 37 more 2024-02-28 2.1 LOW 5.5 MEDIUM
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.
CVE-2020-12951 1 Amd 116 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 113 more 2024-02-28 4.4 MEDIUM 7.0 HIGH
Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.
CVE-2020-12946 1 Amd 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more 2024-02-28 6.6 MEDIUM 7.1 HIGH
Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.
CVE-2020-12988 1 Amd 122 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 119 more 2024-02-28 7.8 HIGH 7.5 HIGH
A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system when it is rebooted.
CVE-2021-26311 1 Amd 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more 2024-02-28 9.0 HIGH 7.2 HIGH
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
CVE-2020-12967 1 Amd 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more 2024-02-28 9.0 HIGH 7.2 HIGH
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.