Nixpkgs Security Tracker

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3007 vendor-advisory x_transferred

Affected products

PI

==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

nixos-unstable -
- nixpkgs-unstable 0.12.0

pkgs.perlPackages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perl538Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perl540Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perlPackages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perlPackages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.haskellPackages.hsPID

PID control loop

nixos-unstable -
- nixpkgs-unstable 0.1.2

pkgs.spirv-llvm-translator

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

nixos-unstable -
- nixpkgs-unstable 19.1.10

pkgs.perl538Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perl540Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perlPackages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perl538Packages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.perl540Packages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.perlPackages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perlPackages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.haskellPackages.EdisonAPI

A library of efficient, purely-functional data structures (API)

nixos-unstable -
- nixpkgs-unstable 1.3.3.2

pkgs.perl538Packages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perl540Packages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perlPackages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl538Packages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perl540Packages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perlPackages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perlPackages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perlPackages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perl538Packages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.perl540Packages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.perl538Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl540Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl538Packages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perl538Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perl538Packages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perl540Packages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perl540Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perl540Packages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perlPackages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

pkgs.perl538Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

pkgs.perl540Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

Package maintainers

@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@stigtsp Stig Palmquist <stig@stig.io>
@gloaming Craig Hall <ch9871@gmail.com>
@s0me1newithhand7s hand7s <s0me1newithhand7s@gmail.com>

Untriaged

Permalink CVE-2022-23821

created 6 months ago

Improper access control in System Management Mode (SMM) may allow …

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 vendor-advisory x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 vendor-advisory x_transferred

Affected products

PI

==various

AMD Ryzen™ Embedded 5000

==various

AMD Ryzen™ Embedded R1000

==various

AMD Ryzen™ Embedded R2000

==various

AMD Ryzen™ Embedded V1000

==various

AMD Ryzen™ Embedded V2000

==various

AMD Ryzen™ Embedded V3000

==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

nixos-unstable -
- nixpkgs-unstable 0.12.0

pkgs.perlPackages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perl538Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perl540Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

nixos-unstable -
- nixpkgs-unstable 1.277

pkgs.perlPackages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perlPackages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.haskellPackages.hsPID

PID control loop

nixos-unstable -
- nixpkgs-unstable 0.1.2

pkgs.spirv-llvm-translator

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

nixos-unstable -
- nixpkgs-unstable 19.1.10

pkgs.perl538Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perl540Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perlPackages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perl538Packages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.perl540Packages.PDFAPI2

Create, modify, and examine PDF files

nixos-unstable -
- nixpkgs-unstable API2-2.045

pkgs.perlPackages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perlPackages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.haskellPackages.EdisonAPI

A library of efficient, purely-functional data structures (API)

nixos-unstable -
- nixpkgs-unstable 1.3.3.2

pkgs.perl538Packages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perl540Packages.PPIxUtils

Utility functions for PPI

nixos-unstable -
- nixpkgs-unstable 0.003

pkgs.perlPackages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl538Packages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perl540Packages.PPIxRegexp

Parse regular expressions

nixos-unstable -
- nixpkgs-unstable 0.088

pkgs.perlPackages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perlPackages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perlPackages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perl538Packages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.perl540Packages.ProcPIDFile

Manage process id files

nixos-unstable -
- nixpkgs-unstable 1.29

pkgs.perl538Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl540Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

nixos-unstable -
- nixpkgs-unstable 0.21

pkgs.perl538Packages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perl538Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perl538Packages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perl540Packages.OpenAPIClient

Client for talking to an Open API powered server

nixos-unstable -
- nixpkgs-unstable 1.07

pkgs.perl540Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

nixos-unstable -
- nixpkgs-unstable 0.023

pkgs.perl540Packages.PPIxUtilities

Extensions to PPI|PPI

nixos-unstable -
- nixpkgs-unstable 1.001000

pkgs.perlPackages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

pkgs.perl538Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

pkgs.perl540Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

nixos-unstable -
- nixpkgs-unstable 5.09

Package maintainers

@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@stigtsp Stig Palmquist <stig@stig.io>
@gloaming Craig Hall <ch9871@gmail.com>
@s0me1newithhand7s hand7s <s0me1newithhand7s@gmail.com>

Untriaged

Permalink CVE-2023-20533

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months ago

Insufficient DRAM address validation in System Management Unit (SMU) may …

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.