Insufficient Syscall Input Validation in AMD ASP Bootloader
CVE-2021-46769
8.8HIGH
Key Information:
- Vendor
Amd
- Vendor
- CVE Published:
- 9 May 2023
What is CVE-2021-46769?
The ASP Bootloader from AMD exhibits insufficient validation of syscall inputs, potentially enabling a privileged attacker to perform unauthorized Direct Memory Access (DMA) operations. This vulnerability can facilitate the execution of arbitrary code, posing a significant risk to system integrity and security. Users are advised to review the latest security advisories and apply necessary updates to mitigate potential threats.
Affected Version(s)
2nd Gen AMD EPYC™ x86 various
3rd Gen AMD EPYC™ x86 various