CVE-2021-46758

UNKNOWN

Published 2023-11-14T18:54:25.467Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-46758. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

AMD

Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”

Affected Versions:

various

AMD

Ryzen™ 7000 Series Desktop Processors “Raphael” XD3

Affected Versions:

various

AMD

Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6

Affected Versions:

various

AMD

Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”

Affected Versions:

various

AMD

Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”

Affected Versions:

various

AMD

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"

Affected Versions:

various

AMD

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”

Affected Versions:

various

AMD

AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”

Affected Versions:

various

AMD

AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”

Affected Versions:

various

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-qvg6-x224-c55m

Advisory Details

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-46758

WEB https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002

Advisory provided by GitHub Security Advisory Database. Published: November 14, 2023, Modified: November 22, 2023

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002

Published: 2023-11-14T18:54:25.467Z

Last Modified: 2024-08-04T05:17:42.665Z

Copied to clipboard!

CVE-2021-46758

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”

Affected Versions:

Ryzen™ 7000 Series Desktop Processors “Raphael” XD3

Affected Versions:

Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6

Affected Versions:

Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”

Affected Versions:

Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”

Affected Versions:

AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"

Affected Versions:

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”

Affected Versions:

AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”

Affected Versions:

AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!