Description
Time-of-check Time-of-use (TOCTOU) in the
BIOS2PSP command may allow an attacker with a malicious BIOS to create a race
condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon
an S3 resume event potentially leading to a denial of service.




Published: 2023-05-09
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-33448 Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service.
History

Tue, 28 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Amd Athlon Gold 3150g Athlon Gold 3150g Firmware Athlon Gold 3150ge Athlon Gold 3150ge Firmware Athlon Silver 3050ge Athlon Silver 3050ge Firmware Ryzen 1200 \(af\) Ryzen 1200 \(af\) Firmware Ryzen 1600 \(af\) Ryzen 1600 \(af\) Firmware Ryzen 2200g Ryzen 2200g Firmware Ryzen 2200ge Ryzen 2200ge Firmware Ryzen 2300x Ryzen 2300x Firmware Ryzen 2400g Ryzen 2400g Firmware Ryzen 2400ge Ryzen 2400ge Firmware Ryzen 2500x Ryzen 2500x Firmware Ryzen 2600 Ryzen 2600 Firmware Ryzen 2600e Ryzen 2600e Firmware Ryzen 2600x Ryzen 2600x Firmware Ryzen 2700 Ryzen 2700 Firmware Ryzen 2700e Ryzen 2700e Firmware Ryzen 2700x Ryzen 2700x Firmware Ryzen 2920x Ryzen 2920x Firmware Ryzen 2950x Ryzen 2950x Firmware Ryzen 2970wx Ryzen 2970wx Firmware Ryzen 2990wx Ryzen 2990wx Firmware Ryzen 3100 Ryzen 3100 Firmware Ryzen 3300x Ryzen 3300x Firmware Ryzen 3500 Ryzen 3500 Firmware Ryzen 3500x Ryzen 3500x Firmware Ryzen 3600 Ryzen 3600 Firmware Ryzen 3600x Ryzen 3600x Firmware Ryzen 3600xt Ryzen 3600xt Firmware Ryzen 3800x Ryzen 3800x Firmware Ryzen 3800xt Ryzen 3800xt Firmware Ryzen 3900 Ryzen 3900 Firmware Ryzen 3900x Ryzen 3900x Firmware Ryzen 3900xt Ryzen 3900xt Firmware Ryzen 3950x Ryzen 3950x Firmware Ryzen 5300g Ryzen 5300g Firmware Ryzen 5300ge Ryzen 5300ge Firmware Ryzen 5500 Ryzen 5500 Firmware Ryzen 5600 Ryzen 5600 Firmware Ryzen 5600g Ryzen 5600g Firmware Ryzen 5600ge Ryzen 5600ge Firmware Ryzen 5600x Ryzen 5600x Firmware Ryzen 5700g Ryzen 5700g Firmware Ryzen 5700ge Ryzen 5700ge Firmware Ryzen 5700x Ryzen 5700x Firmware Ryzen 5800 Ryzen 5800 Firmware Ryzen 5800x Ryzen 5800x3d Ryzen 5800x3d Firmware Ryzen 5800x Firmware Ryzen 5900 Ryzen 5900 Firmware Ryzen 5900x Ryzen 5900x Firmware Ryzen 5945wx Ryzen 5945wx Firmware Ryzen 5950x Ryzen 5950x Firmware Ryzen 5955wx Ryzen 5955wx Firmware Ryzen 5965wx Ryzen 5965wx Firmware Ryzen 5975wx Ryzen 5975wx Firmware Ryzen 5995wx Ryzen 5995wx Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2025-01-28T15:33:26.980Z

Reserved: 2022-05-04T18:14:06.437Z

Link: CVE-2021-46792

cve-icon Vulnrichment

Updated: 2024-08-04T05:17:42.668Z

cve-icon NVD

Status : Modified

Published: 2023-05-09T20:15:12.413

Modified: 2025-01-28T16:15:33.137

Link: CVE-2021-46792

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses