Many nefarious security holes plague AMD EPYC CPUs

Share This Post

“During a security review in collaboration with Google, Microsoft, and Oracle, the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Cryptographic Virtualization (SEV), and other platform components were exposed to potential A vulnerability has been discovered in the AMD EPYC AGESA PI package,” AMD(opens in new tab) said in a security bulletin.

AMD has issued three security bulletins announcing fixes for a whopping 50 vulnerabilities. 22 of them affect all three generations of his flagship EPYC server processors. Additionally, of the 50 vulnerabilities addressed, nearly half (23) are marked as high severity in the Common Vulnerability Scoring System (CVSS).
Of the 22 EPYC bugs, all are present in the latest 3rd generation processors , 17 are in 2nd generation chips, 12 are in the oldest 1st generation chips, and 4 are high are classified as.

Highlights

  • According to AMD, exploiting these vulnerabilities could facilitate privilege escalation, unauthorized code execution, memory corruption, information disclosure, and denial of service attacks. In addition to these, AMD’s performance analysis utility μProf also gets a fix for the only highly rated vulnerability related to improper access controls.

  • All’s Well That Ends Well
    AMD has announced that it has released his AGESA versions of all three processor generations to address the listed vulnerabilities. AGESA or AMD’s Generic Encapsulated System Architecture is released for motherboard vendors to build firmware and push updates to. In addition to the hardware bug, AMD also announced fixes for 27 vulnerabilities in AMD graphics drivers in Windows 10 . 18 of them are marked as important.

Read More:

CVTA Bill Unveiled: A Milestone for Inclusive Communication, Video, and Technology on ADA’s 33rd Anniversary

Tech News Summary:The Communications, Video and Technology Accessibility Bill...

August Investor Conferences to Feature Aspen Aerogels as Key Presenter

Tech News Summary:Aspen Aerogels, Inc. will be participating in...

Rare Apple Computer Trainers Unveiled: Unearthed Gems for $50,000!

Tech News Summary:A pair of rare Apple sneakers is...

Related Posts

CVTA Bill Unveiled: A Milestone for Inclusive Communication, Video, and Technology on ADA’s 33rd Anniversary

Tech News Summary:The Communications, Video and Technology Accessibility Bill...

August Investor Conferences to Feature Aspen Aerogels as Key Presenter

Tech News Summary:Aspen Aerogels, Inc. will be participating in...

Rare Apple Computer Trainers Unveiled: Unearthed Gems for $50,000!

Tech News Summary:A pair of rare Apple sneakers is...