CVE-2021-46772
published 2024-08-13CVE-2021-46772: Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI…
low3.9CVSS 3.1
AVLACHPRHUINSCCNILAL
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS menu or UEFI shell to tamper with the
structure headers in SPI ROM causing an out of bounds memory read and write,
potentially resulting in memory corruption or denial of service.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | amd_athlon_3000_series_desktop_processors_with_radeon_graphics | — | — |
| amd | amd_athlon_3000_series_mobile_processors_with_radeon_graphics | — | — |
| amd | amd_ryzen_3000_series_desktop_processors | — | — |
| amd | amd_ryzen_3000_series_mobile_processor_with_radeon_graphics | — | — |
| amd | amd_ryzen_4000_series_desktop_processors_with_radeon_graphics | — | — |
| amd | amd_ryzen_4000_series_mobile_processors_with_radeon_graphics | — | — |
| amd | amd_ryzen_5000_series_desktop_processor_with_radeon_graphics | — | — |
| amd | amd_ryzen_5000_series_mobile_processors_with_radeon_graphics | — | — |
| amd | amd_ryzen_embedded_5000_series_processors | — | — |
| amd | amd_ryzen_embedded_r1000_series_processors | — | — |
| amd | amd_ryzen_embedded_r2000_series_processors | — | — |
| amd | amd_ryzen_embedded_v1000_series_processors | — | — |
| amd | amd_ryzen_embedded_v2000_series_processors | — | — |
| amd | amd_ryzen_threadripper_3000_series_processors | — | — |