CVE-2021-46758

Summary

Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”variousaffected
AMDRyzen™ 7000 Series Desktop Processors “Raphael” XD3variousaffected
AMDRyzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6variousaffected
AMDRyzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”variousaffected
AMDRyzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”variousaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics “Rembrandt”variousaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”variousaffected
AMDAMD Ryzen™ 5000 Series Processors with Radeon™ Graphics “Barcelo”variousaffected
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References