3.3 LOW
- CVSS version: 3.1
- Attack vector (AV): PHYSICAL
- Attack complexity (AC): HIGH
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): NONE
- Availability impact (A): LOW
TOCTOU in the ASP Bootloader may allow an attacker with …
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory x_transferred
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 vendor-advisory x_transferred
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory x_transferred
Affected products
- ==various
- ==various
- ==various
- ==various
- ==various
- ==various
- ==various
- ==various
Matching in nixpkgs
pkgs.spoofdpi
Simple and fast anti-censorship tool written in Go
-
nixos-unstable -
- nixpkgs-unstable 0.12.0
pkgs.perlPackages.PPI
Parse, Analyze and Manipulate Perl (without perl)
-
nixos-unstable -
- nixpkgs-unstable 1.277
pkgs.perl538Packages.PPI
Parse, Analyze and Manipulate Perl (without perl)
-
nixos-unstable -
- nixpkgs-unstable 1.277
pkgs.perl540Packages.PPI
Parse, Analyze and Manipulate Perl (without perl)
-
nixos-unstable -
- nixpkgs-unstable 1.277
pkgs.perlPackages.GSSAPI
Perl extension providing access to the GSSAPIv2 library
-
nixos-unstable -
- nixpkgs-unstable 0.28
pkgs.perlPackages.PDFAPI2
Create, modify, and examine PDF files
-
nixos-unstable -
- nixpkgs-unstable API2-2.045
pkgs.haskellPackages.hsPID
PID control loop
-
nixos-unstable -
- nixpkgs-unstable 0.1.2
pkgs.spirv-llvm-translator
Tool and a library for bi-directional translation between SPIR-V and LLVM IR
-
nixos-unstable -
- nixpkgs-unstable 19.1.10
pkgs.perl538Packages.GSSAPI
Perl extension providing access to the GSSAPIv2 library
-
nixos-unstable -
- nixpkgs-unstable 0.28
pkgs.perl540Packages.GSSAPI
Perl extension providing access to the GSSAPIv2 library
-
nixos-unstable -
- nixpkgs-unstable 0.28
pkgs.perlPackages.PPIxUtils
Utility functions for PPI
-
nixos-unstable -
- nixpkgs-unstable 0.003
pkgs.perl538Packages.PDFAPI2
Create, modify, and examine PDF files
-
nixos-unstable -
- nixpkgs-unstable API2-2.045
pkgs.perl540Packages.PDFAPI2
Create, modify, and examine PDF files
-
nixos-unstable -
- nixpkgs-unstable API2-2.045
pkgs.perlPackages.PPIxRegexp
Parse regular expressions
-
nixos-unstable -
- nixpkgs-unstable 0.088
pkgs.perlPackages.ProcPIDFile
Manage process id files
-
nixos-unstable -
- nixpkgs-unstable 1.29
pkgs.haskellPackages.EdisonAPI
A library of efficient, purely-functional data structures (API)
-
nixos-unstable -
- nixpkgs-unstable 1.3.3.2
pkgs.perl538Packages.PPIxUtils
Utility functions for PPI
-
nixos-unstable -
- nixpkgs-unstable 0.003
pkgs.perl540Packages.PPIxUtils
Utility functions for PPI
-
nixos-unstable -
- nixpkgs-unstable 0.003
pkgs.perlPackages.WWWTwilioAPI
Accessing Twilio's REST API with Perl
-
nixos-unstable -
- nixpkgs-unstable 0.21
pkgs.perl538Packages.PPIxRegexp
Parse regular expressions
-
nixos-unstable -
- nixpkgs-unstable 0.088
pkgs.perl540Packages.PPIxRegexp
Parse regular expressions
-
nixos-unstable -
- nixpkgs-unstable 0.088
pkgs.perlPackages.OpenAPIClient
Client for talking to an Open API powered server
-
nixos-unstable -
- nixpkgs-unstable 1.07
pkgs.perlPackages.PPIxQuoteLike
Parse Perl string literals and string-literal-like things
-
nixos-unstable -
- nixpkgs-unstable 0.023
pkgs.perlPackages.PPIxUtilities
Extensions to PPI|PPI
-
nixos-unstable -
- nixpkgs-unstable 1.001000
pkgs.perl538Packages.ProcPIDFile
Manage process id files
-
nixos-unstable -
- nixpkgs-unstable 1.29
pkgs.perl540Packages.ProcPIDFile
Manage process id files
-
nixos-unstable -
- nixpkgs-unstable 1.29
pkgs.perl538Packages.WWWTwilioAPI
Accessing Twilio's REST API with Perl
-
nixos-unstable -
- nixpkgs-unstable 0.21
pkgs.perl540Packages.WWWTwilioAPI
Accessing Twilio's REST API with Perl
-
nixos-unstable -
- nixpkgs-unstable 0.21
pkgs.perl538Packages.OpenAPIClient
Client for talking to an Open API powered server
-
nixos-unstable -
- nixpkgs-unstable 1.07
pkgs.perl538Packages.PPIxQuoteLike
Parse Perl string literals and string-literal-like things
-
nixos-unstable -
- nixpkgs-unstable 0.023
pkgs.perl538Packages.PPIxUtilities
Extensions to PPI|PPI
-
nixos-unstable -
- nixpkgs-unstable 1.001000
pkgs.perl540Packages.OpenAPIClient
Client for talking to an Open API powered server
-
nixos-unstable -
- nixpkgs-unstable 1.07
pkgs.perl540Packages.PPIxQuoteLike
Parse Perl string literals and string-literal-like things
-
nixos-unstable -
- nixpkgs-unstable 0.023
pkgs.perl540Packages.PPIxUtilities
Extensions to PPI|PPI
-
nixos-unstable -
- nixpkgs-unstable 1.001000
pkgs.perlPackages.MojoliciousPluginOpenAPI
OpenAPI / Swagger plugin for Mojolicious
-
nixos-unstable -
- nixpkgs-unstable 5.09
pkgs.perl538Packages.MojoliciousPluginOpenAPI
OpenAPI / Swagger plugin for Mojolicious
-
nixos-unstable -
- nixpkgs-unstable 5.09
pkgs.perl540Packages.MojoliciousPluginOpenAPI
OpenAPI / Swagger plugin for Mojolicious
-
nixos-unstable -
- nixpkgs-unstable 5.09
Package maintainers
-
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
-
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
-
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
-
@stigtsp Stig Palmquist <stig@stig.io>
-
@gloaming Craig Hall <ch9871@gmail.com>