Vulnerabilities > CVE-2021-46764 - Out-of-bounds Write vulnerability in AMD products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

amd

CWE-787

NVD

Published: 2023-05-09

Updated: 2023-05-22

Summary

Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Amd AMD Epyc 72F3 Firmware Milanpi_1.0.0.9 AMD Epyc 7313 Firmware Milanpi_1.0.0.9 AMD Epyc 7313P Firmware Milanpi_1.0.0.9 AMD Epyc 7343 Firmware Milanpi_1.0.0.9 AMD Epyc 7373X Firmware Milanpi_1.0.0.9 AMD Epyc 73F3 Firmware Milanpi_1.0.0.9 AMD Epyc 7413 Firmware Milanpi_1.0.0.9 AMD Epyc 7443 Firmware Milanpi_1.0.0.9 AMD Epyc 7443P Firmware Milanpi_1.0.0.9 AMD Epyc 7453 Firmware Milanpi_1.0.0.9 AMD Epyc 7473X Firmware Milanpi_1.0.0.9 AMD Epyc 74F3 Firmware Milanpi_1.0.0.9 AMD Epyc 7513 Firmware Milanpi_1.0.0.9 AMD Epyc 7543 Firmware Milanpi_1.0.0.9 AMD Epyc 7543P Firmware Milanpi_1.0.0.9 AMD Epyc 7573X Firmware Milanpi_1.0.0.9 AMD Epyc 75F3 Firmware Milanpi_1.0.0.9 AMD Epyc 7643 Firmware Milanpi_1.0.0.9 AMD Epyc 7663 Firmware Milanpi_1.0.0.9 AMD Epyc 7713 Firmware Milanpi_1.0.0.9 AMD Epyc 7713P Firmware Milanpi_1.0.0.9 AMD Epyc 7763 Firmware Milanpi_1.0.0.9 AMD Epyc 7773X Firmware Milanpi_1.0.0.9 AMD Epyc 7232P Firmware Romepi_1.0.0.E AMD Epyc 7252 Firmware Romepi_1.0.0.E AMD Epyc 7262 Firmware Romepi_1.0.0.E AMD Epyc 7272 Firmware Romepi_1.0.0.E AMD Epyc 7282 Firmware Romepi_1.0.0.E AMD Epyc 7302 Firmware Romepi_1.0.0.E AMD Epyc 7302P Firmware Romepi_1.0.0.E AMD Epyc 7352 Firmware Romepi_1.0.0.E AMD Epyc 7402 Firmware Romepi_1.0.0.E AMD Epyc 7402P Firmware Romepi_1.0.0.E AMD Epyc 7452 Firmware Romepi_1.0.0.E AMD Epyc 7502 Firmware Romepi_1.0.0.E AMD Epyc 7502P Firmware Romepi_1.0.0.E AMD Epyc 7532 Firmware Romepi_1.0.0.E AMD Epyc 7542 Firmware Romepi_1.0.0.E AMD Epyc 7552 Firmware Romepi_1.0.0.E AMD Epyc 7642 Firmware Romepi_1.0.0.E AMD Epyc 7662 Firmware Romepi_1.0.0.E AMD Epyc 7702 Firmware Romepi_1.0.0.E AMD Epyc 7702P Firmware Romepi_1.0.0.E AMD Epyc 7742 Firmware Romepi_1.0.0.E AMD Epyc 7F32 Firmware Romepi_1.0.0.E AMD Epyc 7F52 Firmware Romepi_1.0.0.E AMD Epyc 7F72 Firmware Romepi_1.0.0.E AMD Epyc 7H12 Firmware Romepi_1.0.0.E	48
Hardware	Amd AMD Epyc 72F3 - AMD Epyc 7313 - AMD Epyc 7313P - AMD Epyc 7343 - AMD Epyc 7373X - AMD Epyc 73F3 - AMD Epyc 7413 - AMD Epyc 7443 - AMD Epyc 7443P - AMD Epyc 7453 - AMD Epyc 7473X - AMD Epyc 74F3 - AMD Epyc 7513 - AMD Epyc 7543 - AMD Epyc 7543P - AMD Epyc 7573X - AMD Epyc 75F3 - AMD Epyc 7643 - AMD Epyc 7663 - AMD Epyc 7713 - AMD Epyc 7713P - AMD Epyc 7763 - AMD Epyc 7773X - AMD Epyc 7232P - AMD Epyc 7252 - AMD Epyc 7262 - AMD Epyc 7272 - AMD Epyc 7282 - AMD Epyc 7302 - AMD Epyc 7302P - AMD Epyc 7352 - AMD Epyc 7402 - AMD Epyc 7402P - AMD Epyc 7452 - AMD Epyc 7502 - AMD Epyc 7502P - AMD Epyc 7532 - AMD Epyc 7542 - AMD Epyc 7552 - AMD Epyc 7642 - AMD Epyc 7662 - AMD Epyc 7702 - AMD Epyc 7702P - AMD Epyc 7742 - AMD Epyc 7F32 - AMD Epyc 7F52 - AMD Epyc 7F72 - AMD Epyc 7H12 -	48

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001