CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

amd

epyc_7571_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2023-20520

CRITICAL9.8

Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.

amd / epyc_72f3_firmware+62

Network

Published May 9, 2023

CVE-2021-46756

CRITICAL9.1

Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity.

amd / epyc_72f3_firmware+62

Network

Published May 9, 2023

CVE-2021-26406

HIGH7.5

Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.

amd / epyc_7232p_firmware+39

Network

Published May 9, 2023

CVE-2023-20588

MEDIUM5.5

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

debian / debian_linux+52

Local

Published Aug 8, 2023