CVE-2021-46755

Summary

Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen™ 3000 Series Desktop Processors “Matisse” AM4variousaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4variousaffected
AMDRyzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4variousaffected
AMD3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTvariousaffected
AMDRyzen™ Threadripper™ PRO Processors “Castle Peak” WSvariousaffected
AMDRyzen™ Threadripper™ PRO Processors “Chagall” WSvariousaffected
AMDRyzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir”variousaffected
AMDRyzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”variousaffected
AMDRyzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References