CWE
459
Advisory Published
Updated

CVE-2021-46766

First published: Tue Nov 14 2023(Updated: )

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.

Credit: psirt@amd.com

Affected SoftwareAffected VersionHow to fix
Amd Epyc 9654p Firmware<genoapi_1.0.0.4
Amd Epyc 9654p
Amd Epyc 9654 Firmware<genoapi_1.0.0.4
Amd Epyc 9654
Amd Epyc 9634 Firmware<genoapi_1.0.0.4
Amd Epyc 9634
Amd Epyc 9554p Firmware<genoapi_1.0.0.4
Amd Epyc 9554p
Amd Epyc 9554 Firmware<genoapi_1.0.0.4
Amd Epyc 9554
Amd Epyc 9534 Firmware<genoapi_1.0.0.4
Amd Epyc 9534
Amd Epyc 9474f Firmware<genoapi_1.0.0.4
Amd Epyc 9474f
Amd Epyc 9454p Firmware<genoapi_1.0.0.4
Amd Epyc 9454p
Amd Epyc 9454 Firmware<genoapi_1.0.0.4
Amd Epyc 9454
Amd Epyc 9374f Firmware<genoapi_1.0.0.4
Amd Epyc 9374f
Amd Epyc 9354p Firmware<genoapi_1.0.0.4
Amd Epyc 9354p
Amd Epyc 9354 Firmware<genoapi_1.0.0.4
Amd Epyc 9354
Amd Epyc 9334 Firmware<genoapi_1.0.0.4
Amd Epyc 9334
Amd Epyc 9274f Firmware<genoapi_1.0.0.4
Amd Epyc 9274f
Amd Epyc 9254 Firmware<genoapi_1.0.0.4
Amd Epyc 9254
Amd Epyc 9224 Firmware<genoapi_1.0.0.4
Amd Epyc 9224
Amd Epyc 9174f Firmware<genoapi_1.0.0.4
Amd Epyc 9174f
Amd Epyc 9124 Firmware<genoapi_1.0.0.4
Amd Epyc 9124
Amd Epyc 9684x Firmware<genoapi_1.0.0.4
Amd Epyc 9684x
Amd Epyc 9384x Firmware<genoapi_1.0.0.4
Amd Epyc 9384x
Amd Epyc 9184x Firmware<genoapi_1.0.0.4
Amd Epyc 9184x
Amd Epyc 9754 Firmware<genoapi_1.0.0.4
Amd Epyc 9754
Amd Epyc 9754s Firmware<genoapi_1.0.0.4
Amd Epyc 9754s
Amd Epyc 9734 Firmware<genoapi_1.0.0.4
Amd Epyc 9734
Amd Ryzen Threadripper Pro 3995wx Firmware<chagallwspi-swrx8_1.0.0.5
Amd Ryzen Threadripper Pro 3995wx
Amd Ryzen Threadripper Pro 3975wx Firmware<chagallwspi-swrx8_1.0.0.5
Amd Ryzen Threadripper Pro 3975wx
Amd Ryzen Threadripper Pro 3955wx Firmware<chagallwspi-swrx8_1.0.0.5
Amd Ryzen Threadripper Pro 3955wx
Amd Ryzen Threadripper Pro 3945wx Firmware<chagallwspi-swrx8_1.0.0.5
Amd Ryzen Threadripper Pro 3945wx

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2023 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203