CVE-2021-46769

Summary

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to execute arbitrary DMA copies, which can lead to code execution.

Affected Software

VendorProductVersion RangeStatus
AMD2nd Gen AMD EPYC™variousaffected
AMD3rd Gen AMD EPYC™variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References