Home
MEDIUM: 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:NDefault status
affected
Picasso-FP5 1.0.1.1
unaffected
Default status
affected
Pollock-FT5 1.0.0.7
unaffected
Default status
affected
Cezanne-FP6 1.0.1.0
unaffected
Default status
affected
Cezanne-FP6 1.0.1.0
unaffected
Default status
affected
Renoir-FP6 1.0.0.D
unaffected
Default status
affected
Rembrandt-FP7 1.0.0.A
unaffected
Default status
affected
MendocinoPI-FT6 1.0.0.6
unaffected
Default status
affected
ComboAM4v2PI 1.2.0.CA
unaffected
Default status
affected
ComboAM4v2PI 1.2.0.CA
unaffected
Default status
affected
ComboAM4v2PI 1.2.0.CA
unaffected
ComboAM4PI 1.0.0.F
unaffected
Default status
affected
ComboAM4v2PI 1.2.0.CA
unaffected
Default status
affected
ComboAM4v2PI 1.2.0.CA
unaffected
Default status
affected
ComboAM5 1.0.0.7a
unaffected
Default status
affected
ComboAM5 1.0.0.7a
unaffected
Default status
affected
CastlePeakPI-SP3r3 1.0.0.C
unaffected
Default status
affected
CastlePeakWSPI-sWRX8 1.0.0.E
unaffected
Default status
affected
ChagallWSPI-sWRX8 1.0.0.9
unaffected
Default status
affected
StormPeakPI-SP6 1.1.0.0c
unaffected
Default status
affected
StormPeakPI-SP6 1.0.0.1e
unaffected
Description
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.
Problem types
CWE-208 Observable timing discrepancy
Product status
Picasso-FP5 1.0.1.1
Pollock-FT5 1.0.0.7
Cezanne-FP6 1.0.1.0
Cezanne-FP6 1.0.1.0
Renoir-FP6 1.0.0.D
Rembrandt-FP7 1.0.0.A
MendocinoPI-FT6 1.0.0.6
ComboAM4v2PI 1.2.0.CA
ComboAM4v2PI 1.2.0.CA
ComboAM4v2PI 1.2.0.CA
ComboAM4PI 1.0.0.F
ComboAM4v2PI 1.2.0.CA
ComboAM4v2PI 1.2.0.CA
ComboAM5 1.0.0.7a
ComboAM5 1.0.0.7a
CastlePeakPI-SP3r3 1.0.0.C
CastlePeakWSPI-sWRX8 1.0.0.E
ChagallWSPI-sWRX8 1.0.0.9
StormPeakPI-SP6 1.1.0.0c
StormPeakPI-SP6 1.0.0.1e
References
www.amd.com/...es/product-security/bulletin/amd-sb-4012.html