VDB
CVE-2021-46774
CVE-2021-46774
PUBLISHED
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
EPSS 0.03% · 10.1th percentile
Risk Scores
EPSS Score
0.03%
10.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Lenovo BIOS | |
| Lenovo | Lenovo Computer | |
| HPE | HPE ProLiant | |
| Dell | Dell Computer | |
| Oracle | Oracle Linux | |
| Dell | Dell BIOS | |
| SUSE | SUSE Linux | |
| IBM | IBM Power Hardware Management Console V10 | |
| HP | HP Computer | |
| Red Hat | Red Hat Enterprise Linux | |
| AMD | AMD Prozessor | |
| Open Source | Open Source CentOS |
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Sep 12, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html advisory
- https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html advisory
- https://www.dell.com/support/kbdoc/000220057/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220223/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220054/dsa-2023-= advisory
- https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893 advisory
- https://www.dell.com/support/kbdoc/000218423/dsa-2023-= advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html advisory
- https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892 advisory
- https://access.redhat.com/errata/RHSA-2024:0753 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html advisory
…and 12 more