CVE-2021-46759
Published: May 9, 2023
Modified: Jan 27, 2025
Description
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity.
| Vendor | Product | Versions |
|---|---|---|
AMD | Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 | affected various |
AMD | Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4 | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” | affected various |
AMD | Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | affected various |
AMD | Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | affected various |
AMD | Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” | affected various |
AMD | Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” | affected various |
AMD | Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne” | affected various |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now