CVE-2021-46746Classic Buffer Overflow in AMD Athlon 3000 Series Mobile Processors With Radeon Graphics

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
5.2MEDIUMNVD
EPSS
0.0%
top 92.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
AMD Athlon 3000 Series Mobile Processors With Radeon GraphicsAMD Epyc 7001 ProcessorsAMD Epyc 7002 Processors+7 more
Timeline
PublishedAug 13

Description

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:HExploitability: 0.5 | Impact: 4.7

Affected Packages10 packages

CVEListV5amd/amd_epyc_7001_processorsvarious
CVEListV5amd/amd_epyc_7002_processorsvarious
CVEListV5amd/amd_epyc_7003_processorsvarious
CVEListV5amd/amd_epyc_9004_processorsvarious

🔴Vulnerability Details

2
GHSA
GHSA-xqmq-3744-539p: Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD si2024-08-13
CVEList
CVE-2021-46746: Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD si2024-08-13
CVE-2021-46746 — Classic Buffer Overflow in AMD | cvebase