5.9

CVE-2021-46792

Time-of-check Time-of-use (TOCTOU) in the
BIOS2PSP command may allow an attacker with a malicious BIOS to create a race
condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon
an S3 resume event potentially leading to a denial of service.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AmdRyzen 5300g Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5300g Version-
AmdRyzen 5300ge Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5300ge Version-
AmdRyzen 5500 Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5500 Version-
AmdRyzen 5600 Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5600 Version-
AmdRyzen 5600g Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5600g Version-
AmdRyzen 5600ge Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5600ge Version-
AmdRyzen 5600x Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5600x Version-
AmdRyzen 5700g Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5700g Version-
AmdRyzen 5700ge Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5700ge Version-
AmdRyzen 5700x Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5700x Version-
AmdRyzen 5800 Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5800 Version-
AmdRyzen 5800x3d Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5800x3d Version-
AmdRyzen 5800x Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5800x Version-
AmdRyzen 5900 Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5900 Version-
AmdRyzen 5900x Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5900x Version-
AmdRyzen 5945wx Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5945wx Version-
AmdRyzen 5950x Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5950x Version-
AmdRyzen 5955wx Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5955wx Version-
AmdRyzen 5965wx Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5965wx Version-
AmdRyzen 5975wx Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5975wx Version-
AmdRyzen 5995wx Firmware Versioncezannepi-fp6_1.0.0.6
   AmdRyzen 5995wx Version-
AmdRyzen 3100 Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3100 Version-
AmdRyzen 3100 Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3100 Version-
AmdRyzen 3100 Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3100 Version-
AmdRyzen 3300x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3300x Version-
AmdRyzen 3300x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3300x Version-
AmdRyzen 3300x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3300x Version-
AmdRyzen 3500 Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3500 Version-
AmdRyzen 3500 Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3500 Version-
AmdRyzen 3500 Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3500 Version-
AmdRyzen 3500x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3500x Version-
AmdRyzen 3500x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3500x Version-
AmdRyzen 3500x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3500x Version-
AmdRyzen 3600 Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3600 Version-
AmdRyzen 3600 Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3600 Version-
AmdRyzen 3600 Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3600 Version-
AmdRyzen 3600x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3600x Version-
AmdRyzen 3600x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3600x Version-
AmdRyzen 3600x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3600x Version-
AmdRyzen 3600xt Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3600xt Version-
AmdRyzen 3600xt Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3600xt Version-
AmdRyzen 3600xt Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3600xt Version-
AmdRyzen 3800x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3800x Version-
AmdRyzen 3800x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3800x Version-
AmdRyzen 3800x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3800x Version-
AmdRyzen 3800xt Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3800xt Version-
AmdRyzen 3800xt Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3800xt Version-
AmdRyzen 3800xt Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3800xt Version-
AmdRyzen 3900 Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3900 Version-
AmdRyzen 3900 Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3900 Version-
AmdRyzen 3900 Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3900 Version-
AmdRyzen 3900x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3900x Version-
AmdRyzen 3900x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3900x Version-
AmdRyzen 3900x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3900x Version-
AmdRyzen 3900xt Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3900xt Version-
AmdRyzen 3900xt Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3900xt Version-
AmdRyzen 3900xt Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3900xt Version-
AmdRyzen 3950x Firmware Versioncomboam4v2_pi_1.2.0.5
   AmdRyzen 3950x Version-
AmdRyzen 3950x Firmware Versionpicasso_pi-fp5_1.0.0.4
   AmdRyzen 3950x Version-
AmdRyzen 3950x Firmware Versionrenoirpi-fp6_1.0.0.7
   AmdRyzen 3950x Version-
AmdRyzen 1200 (af) Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 1200 (af) Version-
AmdRyzen 1200 (af) Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 1200 (af) Version-
AmdRyzen 1600 (af) Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 1600 (af) Version-
AmdRyzen 1600 (af) Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 1600 (af) Version-
AmdRyzen 2200g Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2200g Version-
AmdRyzen 2200g Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2200g Version-
AmdRyzen 2200ge Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2200ge Version-
AmdRyzen 2200ge Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2200ge Version-
AmdRyzen 2300x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2300x Version-
AmdRyzen 2300x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2300x Version-
AmdRyzen 2400g Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2400g Version-
AmdRyzen 2400g Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2400g Version-
AmdRyzen 2400ge Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2400ge Version-
AmdRyzen 2400ge Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2400ge Version-
AmdRyzen 2500x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2500x Version-
AmdRyzen 2500x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2500x Version-
AmdRyzen 2600 Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2600 Version-
AmdRyzen 2600 Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2600 Version-
AmdRyzen 2600e Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2600e Version-
AmdRyzen 2600e Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2600e Version-
AmdRyzen 2600x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2600x Version-
AmdRyzen 2600x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2600x Version-
AmdRyzen 2700 Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2700 Version-
AmdRyzen 2700 Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2700 Version-
AmdRyzen 2700e Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2700e Version-
AmdRyzen 2700e Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2700e Version-
AmdRyzen 2700x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2700x Version-
AmdRyzen 2700x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2700x Version-
AmdRyzen 2920x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2920x Version-
AmdRyzen 2920x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2920x Version-
AmdRyzen 2950x Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2950x Version-
AmdRyzen 2950x Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2950x Version-
AmdRyzen 2970wx Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2970wx Version-
AmdRyzen 2970wx Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2970wx Version-
AmdRyzen 2990wx Firmware Versionpinnaclepi-am4_1.0.0.7
   AmdRyzen 2990wx Version-
AmdRyzen 2990wx Firmware Versionraven-fp5-am4_1.0.0.9
   AmdRyzen 2990wx Version-
AmdAthlon Gold 3150g Firmware Versionpicassopi-fp5_1.0.0.4
   AmdAthlon Gold 3150g Version-
AmdAthlon Gold 3150ge Firmware Versionpicassopi-fp5_1.0.0.4
   AmdAthlon Gold 3150ge Version-
AmdAthlon Silver 3050ge Firmware Versionpicassopi-fp5_1.0.0.4
   AmdAthlon Silver 3050ge Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.281
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.