CVE-2023-20594

all versions

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

4.4MEDIUM

CVE-2021-26371

< milanpi_1.0.0.6

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memo

5.5MEDIUM

CVE-2021-26354

< milanpi_1.0.0.6

Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary

5.5MEDIUM

CVE-2023-20532

< milanpi_1.0.0.5

Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of

5.3MEDIUM

CVE-2023-20531

< milanpi_1.0.0.5

Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentiall

7.5HIGH

CVE-2023-20530

< milanpi_1.0.0.5

Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a

7.5HIGH

CVE-2023-20529

< milanpi_1.0.0.5

Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially res

7.5HIGH

CVE-2023-20528

< milanpi_1.0.0.5

Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentia

2.4LOW

CVE-2023-20527

< milanpi_1.0.0.5

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially

6.5MEDIUM

CVE-2023-20525

< milanpi_1.0.0.5

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a

6.5MEDIUM

CVE-2023-20523

< milanpi_1.0.0.5

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or d

5.7MEDIUM

CVE-2021-26404

< milanpi-sp3_1.0.0.9

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information discl

5.5MEDIUM

CVE-2021-26402

< milanpi_1.0.0.4

Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to

7.1HIGH

CVE-2021-26398

< milanpi_1.0.0.4

Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corr

7.8HIGH

CVE-2021-26396

< milanpi-sp3_1.0.0.9

Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP

4.4MEDIUM

CVE-2021-26355

< milanpi-sp3_1.0.0.7

Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could

5.5MEDIUM

CVE-2021-26343

< milanpi_1.0.0.3

Insufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software to disclose the contents of sens

5.5MEDIUM

CVE-2021-26328

< milanpi_1.0.0.8

Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guest

4.4MEDIUM

CVE-2021-26316

< milanpi-sp3_1.0.0.8

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer

7.8HIGH

CVE-2022-23824

all versions

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information

5.5MEDIUM

CVE-2021-46778

all versions

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen

5.6MEDIUM

CVE-2021-46744

all versions

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring c

6.5MEDIUM

CVE-2020-12966

< milanpi-sp3_1.0.0.5

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State

5.5MEDIUM

CVE-2021-26337

< milanpi-sp3_1.0.0.4

Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM re

5.5MEDIUM

CVE-2021-26336

< milanpi-sp3_1.0.0.4

Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU ha

5.5MEDIUM

CVE-2021-26335

< milanpi-sp3_1.0.0.4

Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker

7.8HIGH

CVE-2021-26331

< milanpi-sp3_1.0.0.4

AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leadi

7.8HIGH

CVE-2021-26330

< milanpi-sp3_1.0.0.4

AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.

5.5MEDIUM

CVE-2021-26327

< milanpi-sp3_1.0.0.4

Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.

5.5MEDIUM

CVE-2021-26315

< milanpi-sp3_1.0.0.4

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to in

7.8HIGH

CVE-2020-12961

< milanpi-sp3_1.0.0.4

A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged regist

7.8HIGH

CVE-2020-12954

< milanpi-sp3_1.0.0.4

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauth

5.5MEDIUM

CVE-2020-12951

< milanpi-sp3_1.0.0.4

Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.

7.0HIGH

CVE-2020-12988

< milanpi-sp3_1.0.0.4

A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the

7.5HIGH