CVE-2021-46779

Summary

Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.

Affected Software

VendorProductVersion RangeStatus
AMD1st Gen EPYCvariousaffected
AMD2nd Gen EPYCvariousaffected
AMD3rd Gen EPYCvariousaffected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References