CVE-2021-46760

Published: May 9, 2023

Modified: Jan 27, 2025

PUBLISHED

Description

A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive information or achieving code execution.

Vendor	Product	Versions
AMD	3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT	affected `various`
AMD	Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS	affected `various`

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-46760

Description

Affected Products

References