Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for athlon_silver_pro_3125ge_firmware by amd

    CVE-2023-20588 (GCVE-0-2023-20588)

    Vulnerability from nvd – Published: 2023-08-08 17:06 – Updated: 2024-10-17 14:23
    VLAI
    Title
    Speculative Leaks
    Summary
    A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    References
    URL Tags
    https://www.amd.com/en/corporate/product-security… vendor-advisory
    https://www.debian.org/security/2023/dsa-5480
    https://www.debian.org/security/2023/dsa-5492
    http://www.openwall.com/lists/oss-security/2023/09/25/3
    http://www.openwall.com/lists/oss-security/2023/09/25/4
    http://xenbits.xen.org/xsa/advisory-439.html
    http://www.openwall.com/lists/oss-security/2023/09/25/5
    http://www.openwall.com/lists/oss-security/2023/09/25/8
    http://www.openwall.com/lists/oss-security/2023/09/25/7
    http://www.openwall.com/lists/oss-security/2023/09/26/5
    http://www.openwall.com/lists/oss-security/2023/09/26/8
    http://www.openwall.com/lists/oss-security/2023/09/26/9
    http://www.openwall.com/lists/oss-security/2023/09/27/1
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/10/03/9
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/10/04/1
    http://www.openwall.com/lists/oss-security/2023/10/04/2
    http://www.openwall.com/lists/oss-security/2023/10/04/4
    http://www.openwall.com/lists/oss-security/2023/10/04/3
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2023…
    https://security.netapp.com/advisory/ntap-2024053…
    Date Public
    2023-08-08 16:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.921Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5480"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5492"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://xenbits.xen.org/xsa/advisory-439.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-17T14:23:03.408701Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-17T14:23:18.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T16:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u0026nbsp;\n\n\n\n\n\n\n\n"
                }
              ],
              "value": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u00a0\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T17:06:30.065Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5480"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5492"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
            },
            {
              "url": "http://xenbits.xen.org/xsa/advisory-439.html"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7007",
            "discovery": "UNKNOWN"
          },
          "title": "Speculative Leaks",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20588",
        "datePublished": "2023-08-08T17:06:30.065Z",
        "dateReserved": "2022-10-27T18:53:39.759Z",
        "dateUpdated": "2024-10-17T14:23:18.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26316 (GCVE-0-2021-26316)

    Vulnerability from nvd – Published: 2023-01-10 19:46 – Updated: 2025-04-09 15:19
    VLAI
    Summary
    Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Date Public
    2023-01-10 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:19:20.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26316",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T15:18:38.823141Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-20",
                    "description": "CWE-20 Improper Input Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T15:19:17.090Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 5000 Series ",
              "vendor": " AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 2000 Series",
              "vendor": " AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 3000 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA ",
              "platforms": [
                "x86"
              ],
              "product": "1st Gen EPYC ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "2nd Gen EPYC",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "3rd Gen EPYC",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution."
                }
              ],
              "value": "Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T07:01:59.843Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1031, AMD-SB-1032",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26316",
        "datePublished": "2023-01-10T19:46:46.575Z",
        "dateReserved": "2021-01-29T21:24:26.137Z",
        "dateUpdated": "2025-04-09T15:19:17.090Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12965 (GCVE-0-2020-12965)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 22:40
    VLAI
    Summary
    When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.
    Severity
    No CVSS data available.
    CWE
    • TBD
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD All supported processors Affected: unspecified , < undefined (custom)
    Create a notification for this product.
    Date Public
    2021-08-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:11:19.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010"
              },
              {
                "name": "[oss-security] 20231205 SLAM: Spectre based on Linear Address Masking",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/12/05/3"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "All supported processors",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "undefined",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-08-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "TBD",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-06T03:06:18.982Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010"
            },
            {
              "name": "[oss-security] 20231205 SLAM: Spectre based on Linear Address Masking",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2023/12/05/3"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1010",
            "discovery": "EXTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2020-12965",
        "datePublished": "2022-02-04T22:29:13.634Z",
        "dateReserved": "2020-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:40:10.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20588 (GCVE-0-2023-20588)

    Vulnerability from cvelistv5 – Published: 2023-08-08 17:06 – Updated: 2024-10-17 14:23
    VLAI
    Title
    Speculative Leaks
    Summary
    A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    References
    URL Tags
    https://www.amd.com/en/corporate/product-security… vendor-advisory
    https://www.debian.org/security/2023/dsa-5480
    https://www.debian.org/security/2023/dsa-5492
    http://www.openwall.com/lists/oss-security/2023/09/25/3
    http://www.openwall.com/lists/oss-security/2023/09/25/4
    http://xenbits.xen.org/xsa/advisory-439.html
    http://www.openwall.com/lists/oss-security/2023/09/25/5
    http://www.openwall.com/lists/oss-security/2023/09/25/8
    http://www.openwall.com/lists/oss-security/2023/09/25/7
    http://www.openwall.com/lists/oss-security/2023/09/26/5
    http://www.openwall.com/lists/oss-security/2023/09/26/8
    http://www.openwall.com/lists/oss-security/2023/09/26/9
    http://www.openwall.com/lists/oss-security/2023/09/27/1
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/10/03/9
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/1…
    http://www.openwall.com/lists/oss-security/2023/10/04/1
    http://www.openwall.com/lists/oss-security/2023/10/04/2
    http://www.openwall.com/lists/oss-security/2023/10/04/4
    http://www.openwall.com/lists/oss-security/2023/10/04/3
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2023…
    https://security.netapp.com/advisory/ntap-2024053…
    Date Public
    2023-08-08 16:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:36.921Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5480"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5492"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://xenbits.xen.org/xsa/advisory-439.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-17T14:23:03.408701Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-17T14:23:18.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "packageName": " ",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T16:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u0026nbsp;\n\n\n\n\n\n\n\n"
                }
              ],
              "value": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u00a0\n\n\n\n\n\n\n\n"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T17:06:30.065Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5480"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5492"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
            },
            {
              "url": "http://xenbits.xen.org/xsa/advisory-439.html"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20240531-0005/"
            }
          ],
          "source": {
            "advisory": "AMD-SB-7007",
            "discovery": "UNKNOWN"
          },
          "title": "Speculative Leaks",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20588",
        "datePublished": "2023-08-08T17:06:30.065Z",
        "dateReserved": "2022-10-27T18:53:39.759Z",
        "dateUpdated": "2024-10-17T14:23:18.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26316 (GCVE-0-2021-26316)

    Vulnerability from cvelistv5 – Published: 2023-01-10 19:46 – Updated: 2025-04-09 15:19
    VLAI
    Summary
    Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Date Public
    2023-01-10 17:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:19:20.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26316",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T15:18:38.823141Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-20",
                    "description": "CWE-20 Improper Input Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T15:19:17.090Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 5000 Series ",
              "vendor": " AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 2000 Series",
              "vendor": " AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "Ryzen 3000 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA ",
              "platforms": [
                "x86"
              ],
              "product": "1st Gen EPYC ",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "2nd Gen EPYC",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various "
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "AGESA",
              "platforms": [
                "x86"
              ],
              "product": "3rd Gen EPYC",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various "
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T17:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution."
                }
              ],
              "value": "Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T07:01:59.843Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1031, AMD-SB-1032",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26316",
        "datePublished": "2023-01-10T19:46:46.575Z",
        "dateReserved": "2021-01-29T21:24:26.137Z",
        "dateUpdated": "2025-04-09T15:19:17.090Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12965 (GCVE-0-2020-12965)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 22:40
    VLAI
    Summary
    When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.
    Severity
    No CVSS data available.
    CWE
    • TBD
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD All supported processors Affected: unspecified , < undefined (custom)
    Create a notification for this product.
    Date Public
    2021-08-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:11:19.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010"
              },
              {
                "name": "[oss-security] 20231205 SLAM: Spectre based on Linear Address Masking",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/12/05/3"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "All supported processors",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "undefined",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-08-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "TBD",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-06T03:06:18.982Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010"
            },
            {
              "name": "[oss-security] 20231205 SLAM: Spectre based on Linear Address Masking",
              "tags": [
                "mailing-list"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2023/12/05/3"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1010",
            "discovery": "EXTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2020-12965",
        "datePublished": "2022-02-04T22:29:13.634Z",
        "dateReserved": "2020-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:40:10.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }