CVE-2021-26371

< romepi_1.0.0.d

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memo

5.5MEDIUM

CVE-2021-26356

< romepi_1.0.0.d

A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in

7.4HIGH

CVE-2021-26354

< romepi_1.0.0.d

Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary

5.5MEDIUM

CVE-2023-20532

< romepi_1.0.0.c

Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of

5.3MEDIUM

CVE-2023-20531

< romepi_1.0.0.c

Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentiall

7.5HIGH

CVE-2023-20529

< romepi_1.0.0.c

Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially res

7.5HIGH

CVE-2023-20528

< romepi_1.0.0.c

Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentia

2.4LOW

CVE-2023-20527

< romepi_1.0.0.c

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially

6.5MEDIUM

CVE-2023-20525

< romepi_100d

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a

6.5MEDIUM

CVE-2023-20523

< romepi_1.0.0.c

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or d

5.7MEDIUM

CVE-2021-26403

< romepi_1.0.0.9

Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of

6.5MEDIUM

CVE-2021-26402

< romepi_1.0.0.c

Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to

7.1HIGH

CVE-2021-26398

< romepi_1.0.0.c

Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corr

7.8HIGH

CVE-2021-26316

< romepi_1.0.0.d

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer

7.8HIGH

CVE-2022-23824

all versions

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information

5.5MEDIUM

CVE-2021-46778

all versions

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen

5.6MEDIUM

CVE-2022-23825

all versions

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information

6.5MEDIUM

CVE-2022-29900

all versions

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitect

6.5MEDIUM

CVE-2022-23823

all versions

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing a

6.5MEDIUM

CVE-2021-46744

all versions

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring c

6.5MEDIUM

CVE-2021-26347

< romepi-sp3_1.0.0.d

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer ove

4.7MEDIUM

CVE-2021-26408

< romepi-sp3_1.0.0.c

Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resu

7.1HIGH

CVE-2021-26370

< romepi-sp3_1.0.0.c

Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or A

7.1HIGH

CVE-2020-12966

all versions

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State

5.5MEDIUM

CVE-2021-26337

< romepi-sp3_1.0.0.c

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM re

5.5MEDIUM

CVE-2021-26336

< romepi-sp3_1.0.0.c

Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU ha

5.5MEDIUM

CVE-2021-26335

< romepi-sp3_1.0.0.c

Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker

7.8HIGH

CVE-2021-26331

< romepi-sp3_1.0.0.c

AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leadi

7.8HIGH

CVE-2021-26330

< romepi-sp3_1.0.0.c

AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.

5.5MEDIUM

CVE-2020-12961

< romepi-sp3_1.0.0.c

A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged regist

7.8HIGH

CVE-2020-12954

< romepi-sp3_1.0.0.c

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauth

5.5MEDIUM

CVE-2020-12951

< romepi-sp3_1.0.0.c

Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.

7.0HIGH

CVE-2020-12988

< romepi-sp3_1.0.0.c

A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the

7.5HIGH