CVE-2020-12951Race Condition in AMD Epyc 7001 Firmware

CWE-362Race Condition3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.1%
top 71.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
60
AMD Epyc 7001 FirmwareAMD Epyc 7002 FirmwareAMD Epyc 7003 Firmware+57 more
Timeline
PublishedNov 16
Latest updateMay 24

Description

Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages60 packages

NVDamd/epyc_7001_firmware< naplespi-sp3_1.0.0.g
NVDamd/epyc_7002_firmware< romepi-sp3_1.0.0.c
NVDamd/epyc_7003_firmware< milanpi-sp3_1.0.0.4
NVDamd/epyc_7251_firmware< naplespi-sp3_1.0.0.g
NVDamd/epyc_7252_firmware< romepi-sp3_1.0.0.c

🔴Vulnerability Details

2
GHSA
GHSA-wf2q-wpcg-q95r: Race condition in PSP FW could allow less privileged x86 code to perform PSP SMM operations2022-05-24
CVEList
CVE-2020-12951: Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations2021-11-16
CVE-2020-12951 — Race Condition in AMD | cvebase