CVE-2021-46774

6.7MEDIUM

Key Information

Vendor: Amd
Status: Ryzen™ 3000 Series Desktop Processors “matisse"; Amd Ryzen™ 5000 Series Desktop Processors “vermeer”; Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt; Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3
Vendor: CVE Published:; 14 November 2023

Summary

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.

Affected Version(s)

Ryzen™ 3000 series Desktop Processors “Matisse" = various

AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” = various

AMD Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT = various

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Risk change from: 7.5 to: 6.7 - (MEDIUM)
Aug 4, 2024
Risk change from: 7.5 to: 6.7 - (MEDIUM)
Jun 18, 2024
Vulnerability published.
Nov 14, 2023
Vulnerability Reserved.
Mar 31, 2022

Collectors

NVD DatabaseMitre Database