VYPR
Unrated severityNVD Advisory· Published May 9, 2023· Updated Aug 4, 2024

CVE-2021-46754

CVE-2021-46754

Description

Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity.

Affected products

14
  • AMD/AMD Ryzen™ Embedded R1000v5
    Range: various
  • AMD/AMD Ryzen™ Embedded R2000v5
    Range: various
  • AMD/AMD Ryzen™ Embedded V1000v5
    Range: various
  • AMD/AMD Ryzen™ Embedded V2000v5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPv5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”v5
    Range: various
  • AMD/Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4v5
    Range: various
  • AMD/Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5v5
    Range: various
  • AMD/Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”v5
    Range: various
  • AMD/Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir”v5
    Range: various
  • AMD/Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4v5
    Range: various
  • AMD/Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”v5
    Range: various
  • AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”v5
    Range: various

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.