CVE-2021-46779

Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:amd:romepi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:amd:milanpi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:amd:naplespi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:40

Type	Values Removed	Values Added
Summary	Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.	Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-20~~	CWE-787

Information

Published : 2023-01-11 08:15

Updated : 2024-02-28 19:51

NVD link : CVE-2021-46779

Mitre link : CVE-2021-46779

CVE.ORG link : CVE-2021-46779

JSON object : View

Products Affected

amd

naplespi_firmware
romepi
romepi_firmware
naplespi
milanpi
milanpi_firmware

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2021-46779", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2023-01-11T08:15:13.213", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.\n"}], "lastModified": "2023-11-07T03:40:03.753", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:romepi_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56013C45-044C-40B0-9503-7E3928602803", "versionEndExcluding": "1.0.0.c"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B936879F-731E-4991-ACBB-16643F629B41"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:milanpi_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B11959F6-2A87-48A4-AD17-16A6B00C6BFA", "versionEndExcluding": "1.0.0.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F64A4AA-A66B-4B2E-B8F1-F332E3945903"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:naplespi_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB1EE9F8-6AA6-48E1-A5C3-79A1FC70C821", "versionEndExcluding": "1.0.0.g"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C479ABD-FE0C-4C08-B849-7BD516F03733"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@amd.com"}