This page lists publicly disclosed CVE vulnerabilities affecting amd epyc_7571_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-20588 | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | [email protected] | 5.5 | 5.46% | 2023-08-08 | 2024-11-21 |
| CVE-2021-46756 | Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity. | [email protected] | 9.1 | 0.47% | 2023-05-09 | 2025-01-28 |
| CVE-2023-20520 | Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution. | [email protected] | 9.8 | 0.59% | 2023-05-09 | 2025-01-28 |
| CVE-2021-26406 | Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service. | [email protected] | 7.5 | 0.45% | 2023-05-09 | 2025-01-28 |