Amd Epyc 7003 Series Processors vulnerabilities

CVE-2024-36349 [LOW] CWE-1420 CVE-2024-36349: A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

CVE-2024-36348 [LOW] CWE-1420 CVE-2024-36348: A transient execution vulnerability in some AMD processors may allow a user process to infer the con A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.

CVE-2024-21981 [MEDIUM] CWE-639 CVE-2024-21981: Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.

CVE-2021-26387 [LOW] CWE-863 CVE-2021-26387: Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signin Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.