CVE-2021-46779

Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amd:romepi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amd:milanpi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amd:naplespi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:40

Type Values Removed Values Added
Summary Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability. Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-20 CWE-787

Information

Published : 2023-01-11 08:15

Updated : 2024-02-28 19:51


NVD link : CVE-2021-46779

Mitre link : CVE-2021-46779

CVE.ORG link : CVE-2021-46779


JSON object : View

Products Affected

amd

  • naplespi_firmware
  • romepi
  • romepi_firmware
  • naplespi
  • milanpi
  • milanpi_firmware
CWE
CWE-787

Out-of-bounds Write