Advanced Micro Devices (AMD) EPYC 7002 Firmware RomePI 1.0.0.C

CPE Details

Advanced Micro Devices (AMD) EPYC 7002 Firmware RomePI 1.0.0.C
amd
epyc_7002_firmware
romepi_1.0.0.c
2023-01-17
16h01 +00:00
2023-01-25
05h04 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:amd:epyc_7002_firmware:romepi_1.0.0.c:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

epyc_7002_firmware

Version

romepi_1.0.0.c

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-26371 2023-05-09 18h59 +00:00 A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
5.5
Moyen
CVE-2021-26356 2023-05-09 18h58 +00:00 A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
7.4
Haute
CVE-2021-26354 2023-05-09 18h58 +00:00 Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity.
5.5
Moyen
CVE-2023-20525 2023-01-10 20h57 +00:00 Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
6.5
Moyen
CVE-2021-26316 2023-01-10 19h46 +00:00 Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.
7.8
Haute