CVE-2020-12946: Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.

high7.1CVSS 3.1

AVLACLPRLUINSUCNIHAH

Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.

Affected

46 ranges· showing 25

Vendor	Product	Version range	Fixed in
amd	athlon_series	—	—
amd	epyc_7232p_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7252_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7262_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7272_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7282_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_72f3_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7302_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7302p_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7313_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7313p_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7343_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7352_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_73f3_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7402_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7402p_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7413_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7443_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7443p_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7452_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7453_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_74f3_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4
amd	epyc_7502_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7502p_firmware	< romepi-sp3_1.0.0.c	romepi-sp3_1.0.0.c
amd	epyc_7513_firmware	< milanpi-sp3_1.0.0.4	milanpi-sp3_1.0.0.4