Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: perl540Packages.PPIxUtils

Found 4 matching suggestions

View:
Compact
Detailed
Permalink CVE-2023-20587
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 11 months, 1 week ago
Improper Access Control in System Management Mode (SMM) may allow …

Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI flash potentially leading to arbitrary code execution.

Affected products

PI
  • ==various
  • ==various
AMD EPYC(TM) Embedded 7003
  • ==various
AMD EPYC(TM) Embedded 9003
  • ==various
AMD EPYC(TM) Embedded 3000
  • ==various
AMD EPYC(TM) Embedded 7002
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

Permalink CVE-2023-31346
6.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year ago
Failure to initialize memory in SEV Firmware may allow a …

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

Affected products

PI
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

Permalink CVE-2023-31347
4.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year ago
Due to a code bug in Secure_TSC, SEV firmware may …

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  

Affected products

PI
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

Permalink CVE-2023-20579
4.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year, 1 month ago
Improper Access Control in the AMD SPI protection feature may …

Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.

Affected products

PI
  • ==various
  • ==Various
  • ==various
AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics
  • ==various
AMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics
  • ==various
AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go