A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service.
References
Link | Resource |
---|---|
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
20 Jan 2023, 18:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:amd:comboam4v2_pi_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:amd:cezannepi-fp6:-:*:*:*:*:*:*:* cpe:2.3:o:amd:cezannepi-fp6_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:amd:renoirpi-fp6_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:amd:comboam4v2_pi:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
References | (MISC) https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031 - Vendor Advisory | |
First Time |
Amd cezannepi-fp6 Firmware
Amd comboam4v2 Pi Firmware Amd comboam4v2 Pi Amd cezannepi-fp6 Amd renoirpi-fp6 Firmware Amd |
|
CWE | CWE-367 |
11 Jan 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-11 08:15
Updated : 2023-12-10 14:48
NVD link : CVE-2021-46795
Mitre link : CVE-2021-46795
CVE.ORG link : CVE-2021-46795
JSON object : View
Products Affected
amd
- comboam4v2_pi
- comboam4v2_pi_firmware
- cezannepi-fp6_firmware
- cezannepi-fp6
- renoirpi-fp6_firmware
CWE
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition