TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2023-11-14T18:52:31.662Z

Updated: 2024-08-02T09:05:36.873Z

Reserved: 2022-10-27T18:53:39.737Z

Link: CVE-2023-20521

cve-icon Vulnrichment

Updated: 2024-08-02T09:05:36.873Z

cve-icon NVD

Status : Modified

Published: 2023-11-14T19:15:15.580

Modified: 2024-11-21T07:41:04.330

Link: CVE-2023-20521

cve-icon Redhat

No data.