CVE-2021-46756
Published: May 9, 2023
Modified: Jan 28, 2025
Description
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the bootloader resulting in a potential denial of service and loss of integrity.
| Vendor | Product | Versions |
|---|---|---|
AMD | Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 | affected various |
AMD | Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge” | affected various |
AMD | Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 | affected various |
AMD | AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4 | affected various |
AMD | Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4 | affected Various |
AMD | 2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” | affected various |
AMD | 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT | affected various |
AMD | Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” | affected various |
AMD | Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | affected various |
AMD | Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | affected various |
AMD | Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” | affected various |
AMD | Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” | affected various |
AMD | Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne” | affected various |
AMD | 1st Gen AMD EPYC™ Processors | affected various |
AMD | 2nd Gen AMD EPYC™ Processors | affected various |
AMD | 3rd Gen AMD EPYC™ Processors | affected various |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now