CVE-2021-46748

Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.

Published: Nov 14, 2023
Updated: May 4, 2025
CVE: CVE-2021-46748
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
intel / radeon_rx_vega_m_firmware	-	23.10.01.46
amd / radeon_software	-	23.7.1
amd / radeon_software	-	23.q3

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html

Vulnerability Database

289,599

CVE-2021-46748