Vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics
CVE-2021-46746
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potent…
EPSS: 0.000 (8.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.2 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H.
Affected products
- Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics — versions ComboAM4PI 1.0.0.9, ComboAM4v2 PI 1.2.0.8
- Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions PicassoPI-FP5 1.0.0.E, PollockPI-FT5 1.0.0.4
- Amd Epyc™ 7001 Processors — versions various
- Amd Epyc™ 7002 Processors — versions various
- Amd Epyc™ 7003 Processors — versions various
- Amd Epyc™ 9004 Processors — versions various
- Amd Epyc™ Embedded 3000 Series Processors — versions various
- Amd Epyc™ Embedded 7002 Series Processors — versions various
- Amd Epyc™ Embedded 7003 Series Processors — versions various
- Amd Epyc™ Embedded 9003 Series Processors — versions various
References
- www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html (vendor-advisory)
Frequently asked questions
- What is CVE-2021-46746?
- CVE-2021-46746 is a medium-severity vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics. CVSS score: 5.2/10. Published 2024-08-13.
- How severe is CVE-2021-46746?
- Medium severity. CVSS v3 base score is 5.2 out of 10.