medium
5.5
CWE
119
Advisory Published
Updated

CVE-2021-46748: Buffer Overflow

First published: Tue Nov 14 2023(Updated: )

Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.

Credit: psirt@amd.com

Affected SoftwareAffected VersionHow to fix
All of
AMD Radeon RX Vega M Firmware<23.10.01.46
Any of
Intel Core i5-8305G Firmware
Intel Core i7-8705G firmware
Intel Core i7-8706g firmware
Intel Core i7-8709G Firmware
Intel NUC 8 Enthusiast
Intel NUC kit NUC8i7HVKVAW
Intel NUC kit NUC8i7HVKVAW
Intel NUC 8i7 HNK
Intel NUC kit NUC8i7HVK firmware
All of
AMD Radeon Software for HIP<23.7.1
Any of
AMD Radeon RX 5300 Firmware
AMD Radeon RX 5300 Firmware
AMD Radeon RX 5300M Firmware
AMD Radeon RX 5500
AMD Radeon RX 5500 XT Firmware
AMD Radeon RX 5500M
AMD Radeon RX 5600
AMD Radeon RX 5600
AMD Radeon RX 5600M
AMD Radeon RX 5700
AMD Radeon RX 5700 XT
AMD Radeon RX 5700M
AMD Radeon RX 6300M
AMD Radeon RX 6400
AMD Radeon RX 6450M
AMD Radeon RX 6500 XT
AMD Radeon RX 6500M
AMD Radeon RX 6550M
AMD Radeon RX 6550S
AMD Radeon RX 6600
AMD Radeon RX 6600 XT
AMD Radeon RX 6600M
AMD Radeon RX 6600S
AMD Radeon RX 6650 XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6700
AMD Radeon RX 6700 XT
AMD Radeon RX 6700M
AMD Radeon RX 6700S
AMD Radeon RX 6800
AMD Radeon RX 6800 XT Firmware
AMD Radeon RX 6800M
AMD Radeon RX 6800
AMD Radeon RX 6850M XT
AMD Radeon RX 6900 XT
AMD Radeon RX 6950XT Firmware
AMD Radeon RX 7600
AMD Radeon RX 7600M
AMD Radeon RX 7600M XT
AMD Radeon RX 7600S
AMD Radeon RX 7700 XT Firmware
AMD Radeon RX 7700S
AMD Radeon RX 7800 XT
AMD Radeon RX 7900
AMD Radeon RX 7900 XT Firmware
AMD Radeon RX 7900XTX Firmware
AMD Radeon RX 7900M
All of
AMD Radeon Software for HIP<23.q3
Any of
AMD Radeon Pro W5500
AMD Radeon Pro W5500X
AMD Radeon Pro W5700
AMD Radeon Pro W5700X Firmware
AMD Radeon Pro W6300
AMD Radeon Pro W6300M
AMD Radeon Pro W6400 Firmware
AMD Radeon Pro W6500M
AMD Radeon Pro W6600
AMD Radeon Pro W6600M
AMD Radeon Pro W6600X
AMD Radeon Pro W6800
AMD Radeon Pro W6800X
AMD Radeon Pro W6800X Duo
AMD Radeon Pro W6900X
AMD Radeon Pro W7500
AMD Radeon Pro W7600
AMD Radeon Pro W7800
All of
AMD Radeon RX Vega 56
AMD Radeon RX Vega 56 Firmware
All of
AMD Radeon RX Vega 64
AMD Radeon RX Vega 64
All of
AMD Radeon Pro Vega 56
AMD Radeon Pro Vega 56
All of
AMD Radeon Pro Vega 64
AMD Radeon Pro Vega 64
All of
Any of
AMD Radeon Software for HIP<23.7.1
AMD Radeon Software for HIP<23.q3
Any of
AMD 3015CE Firmware
AMD Ryzen 3 3015e
AMD Ryzen 3 4100 Firmware
AMD Ryzen 3 4300G Firmware
AMD Ryzen 4300GE Firmware
AMD Ryzen 3 4300U Firmware
AMD Ryzen 3 5300G Firmware
AMD Ryzen 3 5300GE Firmware
AMD Ryzen 3 5300U Firmware
AMD Ryzen 5 4500
AMD Ryzen 5 4500U Firmware
AMD Ryzen 4600G Firmware
AMD Ryzen 5 4600GE firmware
AMD Ryzen 5 4600H Firmware
AMD Ryzen 5 4600HS Firmware
AMD Ryzen 5 4600U Firmware
AMD Ryzen 5 4680U Firmware
AMD Ryzen 5 5500H Firmware
AMD Ryzen 5 5500U
AMD Ryzen 5 5600GT Firmware
AMD Ryzen 5 5600GE Firmware
AMD Ryzen 5 Pro 3200G
AMD Ryzen 5 Pro 3200GE
AMD Ryzen Pro 3350G Firmware
AMD Ryzen 5 Pro 3350GE Firmware
AMD Ryzen 5 Pro 3400G Firmware
AMD Ryzen 5 Pro 3400GE Firmware
AMD Ryzen 7 4700G Firmware
AMD Ryzen 7 4700GE Firmware
AMD Ryzen 7 4700U Firmware
AMD Ryzen 7 4800H Firmware
AMD Ryzen 7 4800H
AMD Ryzen 7 4980U
AMD Ryzen 7 5700G Firmware
AMD Ryzen 7 5700GE Firmware
AMD Ryzen 7 5700U Firmware
AMD Ryzen 9 4900H Firmware
AMD Ryzen 9 4900HS Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-46748?

    CVE-2021-46748 has been classified as a security vulnerability that may lead to a denial of service due to insufficient bounds checking.

  • How do I fix CVE-2021-46748?

    To mitigate CVE-2021-46748, it is recommended to update your AMD hardware firmware to the latest version provided by the manufacturer.

  • Which systems are affected by CVE-2021-46748?

    CVE-2021-46748 affects systems using AMD Secure Processor firmware versions below 23.10.01.46 and various AMD Radeon software versions below 23.7.1.

  • What impact could CVE-2021-46748 have on my system?

    CVE-2021-46748 could allow an attacker to access memory outside permissible bounds, potentially leading to service disruption.

  • Is there a specific configuration required to be vulnerable to CVE-2021-46748?

    Yes, only devices operating with certain older firmware versions of AMD products are at risk for CVE-2021-46748.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203