Main Vulnerability Database SB2024100221

SB2024100221 - Stack-based buffer overflow in AMD EPYC Processors

Published: October 2, 2024

Security Bulletin ID SB2024100221

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Stack-based buffer overflow (CVE-ID: CVE-2021-46746)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in ASP Secure OS Trusted Execution Environment (TEE). A local privileged user with access to AMD signing keys can trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html

SB2024100221 - Stack-based buffer overflow in AMD EPYC Processors

Breakdown by Severity

Description

Remediation

References

Please verify you're human