Vulnerabilities (CVE)

Filtered by vendor Amd Subscribe
Filtered by product Epyc 9124
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31347 1 Amd 123 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 120 more 2024-11-21 N/A 4.9 MEDIUM
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  
CVE-2023-31346 1 Amd 123 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 120 more 2024-11-21 N/A 6.0 MEDIUM
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVE-2023-20575 1 Amd 176 Epyc 5552, Epyc 5552 Firmware, Epyc 7232p and 173 more 2024-11-21 N/A 6.5 MEDIUM
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information.
CVE-2023-20573 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-11-21 N/A 3.2 LOW
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
CVE-2023-20569 4 Amd, Debian, Fedoraproject and 1 more 296 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 293 more 2024-11-21 N/A 4.7 MEDIUM
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVE-2023-20566 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-11-21 N/A 5.3 MEDIUM
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
CVE-2022-23830 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-11-21 N/A 1.9 LOW
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
CVE-2021-46774 1 Amd 274 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 271 more 2024-11-21 N/A 6.7 MEDIUM
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
CVE-2021-46766 1 Amd 56 Epyc 9124, Epyc 9124 Firmware, Epyc 9174f and 53 more 2024-11-21 N/A 2.5 LOW
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
CVE-2021-26345 1 Amd 180 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 177 more 2024-11-21 N/A 1.9 LOW
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
CVE-2023-20578 1 Amd 210 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 207 more 2024-10-02 N/A 6.4 MEDIUM
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.