Unrated severityNVD Advisory· Published May 9, 2023· Updated Jan 27, 2025

CVE-2021-46759

Description

Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity.

Affected products

AMD/TEEllm-fuzzy
AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPv5
Range: various
AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”v5
Range: various
AMD/Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4v5
Range: various
AMD/Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5v5
Range: various
AMD/Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”v5
Range: various
AMD/Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir”v5
Range: various
AMD/Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4v5
Range: various
AMD/Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”v5
Range: various
AMD/Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”v5
Range: various

Patches

Vulnerability mechanics

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000