Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution.
Amd
CVE-2021-26322
Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
CVE-2021-26321
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.
CVE-2021-26312
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
CVE-2022-29900
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-23824
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.