Описание
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.08.17.735 (исключая)Версия до 5.17.0.0 (исключая)
Одно из
cpe:2.3:a:amd:chipset_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:amd:psp_driver:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00116
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-200
CWE-909
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
EPSS
Процентиль: 31%
0.00116
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-200
CWE-909