AMD reveals an EPYC 50 flaws – 23 of them rated High severity. Intel has 25 problems, too • The Register


Microsoft may have given us a mere 55 CVEs to worry about on November’s Patch Tuesday, but AMD and Intel have topped that number with fixes for their products .

AMD alone dropped 50 new CVEs on Thursday, 23 of them rated of “High” concern, meaning they’re rated at between 7.0 and 8.9 on the the-point Common Vulnerability Scoring System.

Let’s start with the 27 flaws in the AMD Graphics Driver for Windows 10 – 18 of them rated High – because at least they’re in software and Microsoft and Adobe’s patch issuance cadence means readers could be in the mood to fix code.

Detailed here, the flaws allow escalation of privilege, denial of service, the ability for an unprivileged user to drop malicious DLL files, unauthorized code execution, memory corruption, information disclosure

In its acknowledgements to those who found the bugs, AMD hat-tips a chap named “Lucas Bouillot, of the Apple Media Products RedTeam”. So now we know Apple has that team.

AMD’s EPYC processors – all three generations of ‘em – have 22 flaws, four of them rated High. Those flaws, and AMD’s descriptions of them, are:

  • CVE-2020-12954 – A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification.
  • CVE-2020-12961 – A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.
  • CVE-2021-26331 – AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution.
  • CVE-2021-26335 – Improper input and range checking in the Platform Security Processor (PSP) boot loader image header may allow for an attacker to use attack-controlled values prior to signature validation potentially resulting…

Source…