Amd epyc™ embedded 9004 series processors
This hub aggregates every CVE we track for Amd epyc™ embedded 9004 series processors, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM5LOW4HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
4
0
4
0
0
0
0
1
0
1
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Amd epyc™ embedded 9004 series processors.
- CVE-2023-20585Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting ...5.3
- CVE-2024-21953Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.6.0
- CVE-2024-36354Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...7.5
- CVE-2024-36331Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.3.2
- CVE-2023-31351Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.5.3
- CVE-2024-21977Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.3.2
- CVE-2024-36357A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boun...5.6
- CVE-2024-36350A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.5.6
- CVE-2024-36348A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in informatio...3.8
- CVE-2024-36349A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.3.8
Product normalization is registry-driven with AI assist and human review. How it works