CVE-2021-46779
published 2023-01-11CVE-2021-46779: Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure…
high7.1CVSS 3.1
AVLACLPRLUINSUCNIHAH
Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | 1st_gen_epyc | — | — |
| amd | 2nd_gen_epyc | — | — |
| amd | 3rd_gen_epyc | — | — |
| amd | milanpi_firmware | < 1.0.0.4 | 1.0.0.4 |
| amd | naplespi_firmware | < 1.0.0.g | 1.0.0.g |
| amd | romepi_firmware | < 1.0.0.c | 1.0.0.c |