Description: Potential security vulnerabilities in OpenBMC Firmware for some Intel® Server Platforms may allow information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities
1. Intel Code:
FCP/DNP BMC have included the fix since the version of 1.95
INTEL-SA-01078 –OpenBMC Firmware Advisory
CVE-2023-49144
CVE-2023-35123
INTEL-SA-01078
2024-08-13
Client Vulnerabilities – Aug 2024, Aug 13, 2024
Description: Potential vulnerabilities in AMD Secure Processor (ASP), and other platform components were reported. Mitigations are being provided in Platform Initialization (PI) firmware packages.
AMD-SB-4004
CVE-2023-20518
CVE-2021-46772
CVE-2021-26387
CVE-2021-46746
CVE-2024-21981
CVE-2021-26367
CVE-2022-23817
CVE-2021-26344
CVE-2023-20578
CVE-2022-23815
AMD-SB-4004
2024-08-13
AMD Server Vulnerabilities – August 2024, Aug 13, 2024
Description: Potential vulnerabilities in the AMD Secure Processor (ASP), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) and other platform components were discovered, and mitigations have been provided in AMD EPYC™ Platform Initialization (PI) firmware packages.
AMD-SB-3003
CVE-2023-31356
CVE-2023-20584
CVE-2023-20591
AMD-SB-3003
CVE-2023-20518
CVE-2021-46772
CVE-2021-26387
CVE-2021-46746
CVE-2024-21981
CVE-2021-26344
CVE-2023-20578
2024-08-05
Guest Memory Vulnerabilities, Aug 05, 2024
Description: A researcher has reported to AMD three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP). The reports detail ways that a malicious hypervisor controlled by the host system, could read or corrupt the memory of a guest VM.
AMD-SB-3011
CVE-2023-31355
CVE-2024-21980
CVE-2024-21978
AMD-SB-3011
2024-06-13
AMD Processor Vulnerabilities, June 13, 2024
Description: Researchers disclosed multiple potential vulnerabilities that may impact some AMD processors.
AMD has assessed the researchers’ findings and is publishing CVEs and mitigation recommendations for any issues that were found to impact AMD platforms. AMD believes some of the findings were made on PCs running outdated firmware or software. As always, AMD recommends following security best practices, including keeping operating systems up-to-date and running the latest versions of firmware and software.nds following security best practices, including keeping operating systems up-to-date and running the latest versions of firmware and software.
AMD-SB-7009
CVE-2023-20587
CVE-2023-20579
CVE-2023-20577
CVE-2023-20576
AMD-SB-7009
2024-06-11
SPI Lock Bypass, June 11, 2024
Description: Potential weaknesses in AMD’s SPI protection features may allow an attacker to bypass the native System Management Mode (SMM) ROM protections.
Intel® Chipset Device Software Advisory, May 14, 2024
Description: A potential security vulnerability in some Intel® Chipset Device Software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.
1. Intel already provides libraries for the updated Kernel version to avoid this SA, suggest following the APOS list to do the validation.
Intel® Server Products UEFI Firmware Advisory, May 14, 2024
Description: Potential security vulnerabilities in some Intel® Server Products UEFI firmware may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
1. Intel Code:
FCP/DNP already merge the patch. BIOS:R01.02.0001
INTEL-SA-01080 –Intel® Server Products UEFI Firmware Advisory
This website uses essential and analytics cookies. You can choose your option by clicking "Accept All Cookies" or "Accept Essential Cookies" as Cookies Preferences.