Vulnerabilities > AMD > Ryzen 1600 AF Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-09 | CVE-2021-46759 | Out-of-bounds Write vulnerability in AMD products Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential loss of integrity. | 6.1 |
2023-05-09 | CVE-2021-46792 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in AMD products Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service. | 5.9 |