CVE-2021-46757

Description

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

AMD / AMD Ryzen™ Embedded 5000various – various
AMD / AMD Ryzen™Embedded V2000various – various

References

MISChttps://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001