Lucene search
K
AmdRyzen 2600e Firmware

7 matches found

CVE
CVE
added 2023/05/09 7:0 p.m.75 views

CVE-2021-46754

CVE-2021-46754: Insufficient input validation in the ASP bootloader can allow a compromised UApp/ABL to expose sensitive information to the SMU, risking confidentiality and integrity. AMD-SB-5001 lists this CVE with Medium severity and provides firmware-based mitigations via Platform Initializati...

9.1CVSS9.1AI score0.00565EPSS
CVE
CVE
added 2023/05/09 7:0 p.m.70 views

CVE-2021-46753

CVE-2021-46753 affects the AMD Secure Processor (ASP) sensor fusion hub headers. The issue is described as failure to validate the length fields of these headers, which could allow a malicious UApp or ABL to map the ASP sensor fusion hub region and overwrite data structures, potentially compromis...

9.1CVSS9.1AI score0.0056EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.65 views

CVE-2021-46794

CVE-2021-46794 refers to an insufficient bounds check in the AMD Secure Processor (ASP) that may allow an out-of-bounds read in the System Management Interface (SMI) mailbox checksum calculation, triggering a data abort and potentially causing denial of service. Connected documents corroborate th...

7.5CVSS7.8AI score0.00616EPSS
CVE
CVE
added 2023/05/09 7:0 p.m.64 views

CVE-2021-46759

Consolidated details for CVE-2021-46759 show an improper syscall input validation in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE). Attack requires physical access and control of a UApp running under the bootloader to read ASP bootloader memory via a serial port, potentially ...

6.1CVSS6.6AI score0.00284EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.62 views

CVE-2021-46792

The CVE-2021-46792 entry refers to TOCTOU in the BIOS2PSP command within AMD’s AMD Secure Processor (ASP) and related ASP bootloader logic. The described impact is a race that can cause the ASP bootloader to perform out-of-bounds SRAM reads during S3 resume, potentially yielding a denial of servi...

5.9CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2023/05/09 6:59 p.m.58 views

CVE-2021-46749

CVE-2021-46749 corresponds to an out-of-bounds read vulnerability in the AMD Secure Processor (ASP) affecting the System Management Interface (SMI) mailbox checksum calculation, caused by insufficient bounds checking. The vulnerability can trigger a data abort and potentially lead to a denial of ...

7.5CVSS7.8AI score0.00616EPSS
CVE
CVE
added 2023/05/09 7:1 p.m.50 views

CVE-2021-46773

CVE-2021-46773 involves insufficient input validation in the AMD bootloader (ABL) that may allow a privileged attacker to corrupt the AMD Secure Processor (ASP) memory, potentially resulting in loss of integrity or code execution. The connected documents provide concrete details: the vulnerabilit...

8.8CVSS8.8AI score0.00771EPSS