Vulnerability in Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics “Barcelo”
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.
EPSS: 0.001 (27.3th percentile) — read the EPSS interpretation.
Affected products
- Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics “Barcelo” — versions various
- Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics "Rembrandt" — versions various
- Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “Barcelo-r” — versions various
- Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “Rembrandt-r” — versions various
- Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “Renoir” Fp6 — versions various
- Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics “Cezanne” — versions various
- Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “Cezanne” — versions various
- Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “Lucienne” — versions various
- Amd Ryzen™ 7000 Series Desktop Processors “Raphael” Xd3 — versions various
References
- www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 (vendor-advisory)