CVE-2021-46760

Published May 9, 2023
Last updated a year ago
CVSS critical 9.8
Overview

Description: A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive information or achieving code execution.
Source: psirt@amd.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL
Weaknesses

nvd@nist.gov: CWE-119
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C78A967-F746-4878-920A-464568277C81"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBDB6866-7C3D-4EB2-B000-F166585F4AA8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "406E8509-18D0-4A8D-AB14-E2D8627B2E32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C59F960F-D975-4CFF-96F1-E15C1A1A89C9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53E14647-F625-4801-B884-1024CFCF7A05"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB68A0C0-E575-4AA0-A312-8B1933085C19"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C274FF4-0DFF-42FF-B308-77042E558337"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB67C763-72E9-4E0D-873A-04220C3583C4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12D08409-5FC5-483A-8E2A-CFF2F82170ED"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2AAD377-B60E-4EF5-BE1F-944B19CAA02A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3990x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AE0FEBA-4C22-4DFC-8570-B4245431F266"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8E682064-7B94-46F1-A906-20482941B80D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3995wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6A50495-C80D-4A9E-8332-DDB1D9A50827"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4DAA0D7A-E918-419D-BC89-65AA9E136C30"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3945wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1656388D-7294-4C23-A7AA-DE3698B6049F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBDB6866-7C3D-4EB2-B000-F166585F4AA8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3955wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6ABD246-26BB-4A8E-BA08-67591E715F38"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C59F960F-D975-4CFF-96F1-E15C1A1A89C9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3960x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC6A1905-D30E-41C3-84DB-C05BE70C110C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB68A0C0-E575-4AA0-A312-8B1933085C19"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3970x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C15B2E-9D61-44C9-876D-0EBB7B438561"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB67C763-72E9-4E0D-873A-04220C3583C4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3975wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BED390E-AA1E-424C-8D13-61D661418855"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2AAD377-B60E-4EF5-BE1F-944B19CAA02A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3990x_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B40AD74-67EC-4258-9073-8AFFDE743D49"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8E682064-7B94-46F1-A906-20482941B80D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3995wx_firmware:chagallwspi-swrx8_1.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4383AF2-38C5-4225-B058-651979423864"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4DAA0D7A-E918-419D-BC89-65AA9E136C30"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8694294-9D25-4435-AD3E-0135141493B7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBDB6866-7C3D-4EB2-B000-F166585F4AA8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2559307C-99A8-41D0-B13F-81EF3025857D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C59F960F-D975-4CFF-96F1-E15C1A1A89C9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A0295EE-CCDA-4B90-8CF2-020A90A77FF4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB68A0C0-E575-4AA0-A312-8B1933085C19"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58FD7B3B-76E4-4EA1-8567-4699B600B541"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB67C763-72E9-4E0D-873A-04220C3583C4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC69F750-D3C5-455A-AE8C-2AC089C18376"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2AAD377-B60E-4EF5-BE1F-944B19CAA02A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3990x_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C9F0F99-6AF5-46C4-A822-38DFE2FAD0B6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3990x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8E682064-7B94-46F1-A906-20482941B80D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:amd:ryzen_3995wx_firmware:castlepeakpi-sp3r3_1.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86F7CA80-CDA0-4391-A9C1-0DEF31B08320"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_3995wx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4DAA0D7A-E918-419D-BC89-65AA9E136C30"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
