CRITICAL🇵🇱 Wersja polska

CVE-2021-46760

CVSS 9.8v3.1pub. 2023-05-09upd. 2025-01-27

A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which may result in an out-of-bounds memory access that may potentially lead to an attacker leaking sensitive information or achieving code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Amd Ryzen 3945wx

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3945wx Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3955wx

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3955wx Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3960x

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3960x Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3970x

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3970x Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3975wx

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3975wx Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3990x

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3990x Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
  • Amd Ryzen 3995wx

    HW
    Amd
    wszystkie wersje
  • Amd Ryzen 3995wx Firmware

    OS
    Amd
    castlepeakpi-sp3r3_1.0.0.7castlepeakwspi-swrx8_1.0.0.9chagallwspi-swrx8_1.0.0.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2023-20597MEDIUM5.5ten sam produkt

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive informati...

CVE-2026-49121CRITICAL9.2PL ✓ten sam vendor

RCE przez niebezpieczną deserializację pickle w AITER (ROCm)

CVE-2023-20596CRITICAL9.8ten sam vendor

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain R...

CVE-2022-23821CRITICAL9.8ten sam vendor

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially ...

CVE-2023-20586CRITICAL9.8ten sam vendor

A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation ...