CVE-2021-46794

🗓️ 09 May 2023 19:01:47Reported by AMDType

Insufficient bounds checking in AMD Secure Processor may allow out of bounds read in SMI mailbox checksum calculatio

Reporter	Title	Published	Views	Family All 11
Amd	Client Vulnerabilities – May 2023	9 May 202300:00	–	amd
Circl	CVE-2021-46794	10 May 202300:38	–	circl
CNNVD	AMD Secure Processor和AMD System Management Unit 缓冲区错误漏洞	9 May 202300:00	–	cnnvd
CVE	CVE-2021-46794	9 May 202319:01	–	cve
EUVD	EUVD-2021-33450	3 Oct 202520:07	–	euvd
Hewlett-Packard	AMD Client UEFI Firmware May 2023 Security Update	9 May 202300:00	–	hp
NVD	CVE-2021-46794	9 May 202320:15	–	nvd
OSV	CVE-2021-46794	9 May 202320:15	–	osv
Prion	Out-of-bounds	9 May 202320:15	–	prion
Positive Technologies	PT-2023-12588 · Amd · Amd Secure Processor	9 May 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Desktop Processors “Matisse” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics  “Cezanne” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "Various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ Threadripper™ PRO Processors “Chagall” WS",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics   “Pollock”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

09 May 2023 19:01Current

7.9High risk

Vulners AI Score7.9

EPSS0.00536