CVE-2021-46754
published 2023-05-09CVE-2021-46754: Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
Insufficient input validation in the ASP (AMD
Secure Processor) bootloader may allow an attacker with a compromised Uapp or
ABL to coerce the bootloader into exposing sensitive information to the SMU
(System Management Unit) resulting in a potential loss of confidentiality and
integrity.
Affected
180 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | amd_ryzen_embedded_r1000 | — | — |
| amd | amd_ryzen_embedded_r2000 | — | — |
| amd | amd_ryzen_embedded_v1000 | — | — |
| amd | amd_ryzen_embedded_v2000 | — | — |
| amd | athlon_3000_series_mobile_processors_with_radeon_graphics_dali_dali_ulp | — | — |
| amd | athlon_3000_series_mobile_processors_with_radeon_graphics_pollock | — | — |
| amd | athlon_gold_3150g_firmware | — | — |
| amd | athlon_gold_3150g_firmware | — | — |
| amd | athlon_gold_3150ge_firmware | — | — |
| amd | athlon_gold_3150ge_firmware | — | — |
| amd | athlon_silver_3050ge_firmware | — | — |
| amd | athlon_silver_3050ge_firmware | — | — |
| amd | ryzen_1200_firmware | — | — |
| amd | ryzen_1200_firmware | — | — |
| amd | ryzen_1200_firmware | — | — |
| amd | ryzen_1200_firmware | — | — |
| amd | ryzen_1600_firmware | — | — |
| amd | ryzen_1600_firmware | — | — |
| amd | ryzen_1600_firmware | — | — |
| amd | ryzen_1600_firmware | — | — |
| amd | ryzen_2000_series_desktop_processors_raven_ridge_am4 | — | — |
| amd | ryzen_2000_series_mobile_processors_raven_ridge_fp5 | — | — |
| amd | ryzen_2200g_firmware | — | — |
| amd | ryzen_2200g_firmware | — | — |
| amd | ryzen_2200g_firmware | — | — |