CVE-2021-46774

Summary

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen™ 3000 series Desktop Processors “Matisse"variousaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors “Vermeer”variousaffected
AMDAMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTvariousaffected
AMDAMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3variousaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WSvariousaffected
AMD1st Gen AMD EPYC™ Processorsvariousaffected
AMD2nd Gen AMD EPYC™ Processorsvariousaffected
AMD3rd Gen AMD EPYC™ Processorsvariousaffected
AMD4th Gen AMD EPYC™ Processorsvariousaffected
AMDAMD EPYC™ Embedded 3000variousaffected
AMDAMD EPYC™ Embedded 7002variousaffected
AMDAMD EPYC™ Embedded 7003variousaffected
AMDAMD Ryzen™ Embedded 5000variousaffected
AMDAMD EPYC™ Embedded 7002variousaffected
AMDAMD EPYC™ Embedded 3000variousaffected
AMDAMD EPYC™ Embedded 7003variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References