CVE-2021-46773
https://notcve.org/view.php?id=CVE-2021-46773
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-20: Improper Input Validation •
CVE-2021-46765
https://notcve.org/view.php?id=CVE-2021-46765
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •
CVE-2021-46753
https://notcve.org/view.php?id=CVE-2021-46753
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 •
CVE-2021-26365
https://notcve.org/view.php?id=CVE-2021-26365
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •