CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of…

medium5.5CVSS 3.1

AVLACLPRLUINSUCHINAN

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.

Affected

31 ranges· showing 25

Vendor	Product	Version range	Fixed in
amd	4th_gen_amd_epyc_processors	—	—
amd	amd_epyc_embedded_9003	—	—
amd	epyc_9124_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9174f_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9184x_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9224_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9254_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9274f_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9334_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9354_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9354p_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9374f_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9384x_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9454_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9454p_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9474f_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9534_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9554_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9554p_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9634_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9654_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9654p_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9684x_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9734_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4
amd	epyc_9754_firmware	< genoapi_1.0.0.4	genoapi_1.0.0.4