Vulnerabilidades en AMD
443 resultadosCVE-2023-20588—Speculative LeaksEPSS 12.4%CVE-2023-20569—
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result inEPSS 6.2%CVE-2023-20593—An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive informationEPSS 5.8%CVE-2022-29900—Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependEPSS 3.8%CVE-2020-12965—When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 addreEPSS 2.4%CVE-2020-12967—AMD Secure Encrypted VirtualizationEPSS 1.7%CVE-2021-26311—AMD Secure Encrypted VirtualizationEPSS 1.7%CVE-2023-31320—Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in EPSS 1.3%CVE-2024-2193MEDIUMSpeculative Race Condition impacts modern CPU architectures that support speculative execution, also known as GhostRace.EPSS 1.2%CVE-2021-26334—AMD Chipset Driver Information Disclosure VulnerabilityEPSS 1.2%CVE-2023-20562— EPSS 1.1%CVE-2020-12988—A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the system whEPSS 1.0%CVE-2022-23823—A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to pEPSS 1.0%CVE-2023-20592—Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache lEPSS 1.0%CVE-2021-26322—Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.EPSS 1.0%CVE-2022-23821—Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execEPSS 1.0%CVE-2023-20596—Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leadinEPSS 1.0%CVE-2021-26338—Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM reEPSS 0.9%CVE-2023-20586—Radeon™ Software Crimson ReLive EditionEPSS 0.8%CVE-2023-20520CRITICALImproper access control settings in ASP
Bootloader may allow an attacker to corrupt the return address causing a
stack-based buffer overrun EPSS 0.8%