ГлавнаяУязвимости → CVE-2021-46757
7.8высокая

CVE-2021-46757

Описание

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.

Затрагиваемое ПО
Amd Ryzen embedded 5950e firmwareAmd Ryzen embedded 5950eAmd Ryzen embedded 5900e firmwareAmd Ryzen embedded 5900eAmd Ryzen embedded 5800e firmwareAmd Ryzen embedded 5800eAmd Ryzen embedded 5600e firmwareAmd Ryzen embedded 5600eAmd Ryzen embedded v2516 firmwareAmd Ryzen embedded v2516Amd Ryzen embedded v2546 firmwareAmd Ryzen embedded v2546Amd Ryzen embedded v2718 firmwareAmd Ryzen embedded v2718Amd Ryzen embedded v2748 firmwareAmd Ryzen embedded v2748Amd Ryzen embedded r2312 firmwareAmd Ryzen embedded r2312Amd Ryzen embedded r2314 firmwareAmd Ryzen embedded r2314
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001