CVE-2021-46795

Summary

A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen 5000 Seriesvariousaffected
AMDRyzen 3000 Seriesvariousaffected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References