CVE-2021-46748
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
14/11/2023
Last modified:
13/02/2025
Description
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:intel:radeon_rx_vega_m_firmware:*:*:*:*:*:*:*:* | 23.10.01.46 (excluding) | |
| cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:nuc_8_enthusiast_nuc8i7hnkqc:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:nuc_8_enthusiast_nuc8i7hvkva:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:nuc_8_enthusiast_nuc8i7hvkvaw:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:nuc_kit_nuc8i7hvk:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:amd:radeon_software:*:*:*:*:adrenalin:*:*:* | 23.7.1 (excluding) | |
| cpe:2.3:h:amd:radeon_rx_5300:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:radeon_rx_5300_xt:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:radeon_rx_5300m:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:amd:radeon_rx_5500:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html