CVE-2021-46750

low

Description

Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html

Details

Source: Mitre, NVD

Published: 2025-09-06

Updated: 2025-09-08

Risk Information

CVSS v2

Base Score: 2.3

Vector: CVSS2#AV:L/AC:H/Au:M/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 3

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

Severity: Low

EPSS

EPSS: 0.00011