CVE-2021-46760
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
09/05/2023
Last modified:
27/01/2025
Description
A malicious or compromised UApp or ABL can send<br />
a malformed system call to the bootloader, which may result in an out-of-bounds<br />
memory access that may potentially lead to an attacker leaking sensitive<br />
information or achieving code execution.<br />
<br />
<br />
<br />
<br />
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3990x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3995wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3945wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page