[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2024:2376-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":36,"duplicates":37,"related":38,"reserved_at":9,"published_at":50,"modified_at":51,"state":9,"summary":52,"references_raw":54,"kevs":115,"epss":9,"epss_history":116,"metrics":117,"affected":118},"SUSE-SU-2024:2376-1","Security update for kernel-firmware\n\nThis update for kernel-firmware fixes the following issues:\n\nUpdate AMD ucode to 20231030 (bsc#1215831):\n\n- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.\n- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.\n- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.\n- CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.\n- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of 
confidentiality.\n- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34],{"_key":15},"CVE-2021-26345",{"_key":17},"CVE-2021-46766",{"_key":19},"CVE-2021-46774",{"_key":21},"CVE-2022-23820",{"_key":23},"CVE-2022-23830",{"_key":25},"CVE-2023-20519",{"_key":27},"CVE-2023-20521",{"_key":29},"CVE-2023-20526",{"_key":31},"CVE-2023-20533",{"_key":33},"CVE-2023-20566",{"_key":35},"CVE-2023-20592",[],[],[39,40,41,42,43,44,45,46,47,48,49],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},"2024-07-09T17:20:51Z","2026-02-04T03:54:31.788210Z",{"cisa_kev":53,"cisa_ransomware":53,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[55,61,66,70,75,79,83,87,91,95,99,103,107,111],{"url":56,"sources":57,"tags":59},"https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/",[58],"osv_suse",[60],"Advisory",{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1215823",[58],[65],"REPORT",{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1215831",[58],[65],{"url":71,"sources":72,"tags":73},"https://www.suse.com/security/cve/CVE-2021-26345",[58],[74],"WEB",{"url":76,"sources":77,"tags":78},"https://www.suse.com/s
ecurity/cve/CVE-2021-46766",[58],[74],{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2021-46774",[58],[74],{"url":84,"sources":85,"tags":86},"https://www.suse.com/security/cve/CVE-2022-23820",[58],[74],{"url":88,"sources":89,"tags":90},"https://www.suse.com/security/cve/CVE-2022-23830",[58],[74],{"url":92,"sources":93,"tags":94},"https://www.suse.com/security/cve/CVE-2023-20519",[58],[74],{"url":96,"sources":97,"tags":98},"https://www.suse.com/security/cve/CVE-2023-20521",[58],[74],{"url":100,"sources":101,"tags":102},"https://www.suse.com/security/cve/CVE-2023-20526",[58],[74],{"url":104,"sources":105,"tags":106},"https://www.suse.com/security/cve/CVE-2023-20533",[58],[74],{"url":108,"sources":109,"tags":110},"https://www.suse.com/security/cve/CVE-2023-20566",[58],[74],{"url":112,"sources":113,"tags":114},"https://www.suse.com/security/cve/CVE-2023-20592",[58],[74],[],[],[],[119],{"ecosystem":120,"name":121,"vendor":122,"product":123,"cpe_part":9,"purl_type":124,"purl_namespace":122,"purl_name":123,"source":9,"versions":125},"SUSE Linux Enterprise","kernel-firmware","suse","kernel-firmware&distro=SUSE Linux Enterprise Micro 5.5","rpm",[126],{"version":127,"is_range":128,"range_type":129,"version_start":9,"version_start_type":9,"version_end":130,"version_end_type":131,"fixed_in":9},"lt20230724_150500_3_9_1",true,"ecosystem","20230724-150500.3.9.1","excluding"]