CVE-2021-46779

Description

Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.

Related CPE's

o amd romepi_firmware ********

h amd romepi -*******

o amd milanpi_firmware ********

h amd milanpi -*******

o amd naplespi_firmware ********

h amd naplespi -*******

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io