AMD reveals an EPYC 50 flaws – 23 of them rated High severity. Intel has 25 problems, too
Microsoft may have given us a mere 55 CVEs to worry about on November’s Patch Tuesday, but AMD and Intel have topped that number with fixes for their products .
AMD alone dropped 50 new CVEs on Thursday, 23 of them rated of “High” concern, meaning they’re rated at between 7.0 and 8.9 on the the-point Common Vulnerability Scoring System.
Let’s start with the 27 flaws in the AMD Graphics Driver for Windows 10 – 18 of them rated High – because at least they’re in software and Microsoft and Adobe’s patch issuance cadence means readers could be in the mood to fix code.
Detailed here, the flaws allow escalation of privilege, denial of service, the ability for an unprivileged user to drop malicious DLL files, unauthorized code execution, memory corruption, information disclosure
In its acknowledgements to those who found the bugs, AMD hat-tips a chap named “Lucas Bouillot, of the Apple Media Products RedTeam”. So now we know Apple has that team.
AMD’s EPYC processors – all three generations of ‘em – have 22 flaws, four of them rated High. Those flaws, and AMD’s descriptions of them, are:
- CVE-2020-12954 – A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauthorized SPI ROM modification.
- CVE-2020-12961 – A potential vulnerability exists in AMD Platform Security Processor (PSP) that may allow an attacker to zero any privileged register on the System Management Network which may lead to bypassing SPI ROM protections.
- CVE-2021-26331 – AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution.
- CVE-2021-26335 – Improper input and range checking in the Platform Security Processor (PSP) boot loader image header may allow for an attacker to use attack-controlled values prior to signature validation potentially resulting in arbitrary code execution.
AMD’s μProf Tool has but a single flaw, the High-rated CVE-2021-26334 that “may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user.”
Intel’s also revealed new problems – 25 of them. Chipzilla issues its own IDs for flaws, and groups multiple CVEs beneath them.
Those rated High include:
- INTEL-SA-00509 – Which includes 10 CVEs I Intel WiFi products, allowing escalation of privilege, denial of service, and information disclosure
- INTEL-SA-00535 – A single CVE (CVE-2021-0148) that impacts multiple Intel solid state disks. “Insertion of information into log file in firmware … may allow a privileged user to potentially enable information disclosure via local access,” states Intel’s advisory
- INTEL-SA-00528- An escalation of privilege flaw in Pentium, Celeron, and Atom silicon
- INTEL-SA-00562 – Bad BIOS may allow escalation of privileges in 10 types of Intel CPU ranging from this year’s Xeons to Core CPUs from 2016 , and even some 2013 Celerons
The Register suggests paying attention to Intel’s bug list because its warnings touch on many, and very common, products such as Bluetooth, Ethernet drivers, and Thunderbolt. ®