CVE-2021-46794

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability in AMD Secure Processor firmware allows attackers to trigger a data abort through insufficient bounds checking in SMI mailbox checksum calculations. This can cause denial of service by crashing the system management interface. Systems with affected AMD processors are vulnerable.

💻 Affected Systems

Products:

• AMD processors with ASP firmware

Versions: Specific firmware versions as listed in AMD advisory

Operating Systems: All operating systems running on affected AMD hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability is in processor firmware, not operating system software. All configurations using affected hardware are vulnerable.

📦 What is this software?

Athlon Gold 3150g Firmware by Amd

View all CVEs affecting Athlon Gold 3150g Firmware →

Athlon Gold 3150g Firmware by Amd

View all CVEs affecting Athlon Gold 3150g Firmware →

Athlon Gold 3150ge Firmware by Amd

View all CVEs affecting Athlon Gold 3150ge Firmware →

Athlon Gold 3150ge Firmware by Amd

View all CVEs affecting Athlon Gold 3150ge Firmware →

Athlon Silver 3050ge Firmware by Amd

View all CVEs affecting Athlon Silver 3050ge Firmware →

Athlon Silver 3050ge Firmware by Amd

View all CVEs affecting Athlon Silver 3050ge Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 5300g Firmware by Amd

View all CVEs affecting Ryzen 5300g Firmware →

Ryzen 5300ge Firmware by Amd

View all CVEs affecting Ryzen 5300ge Firmware →

Ryzen 5500 Firmware by Amd

View all CVEs affecting Ryzen 5500 Firmware →

Ryzen 5600 Firmware by Amd

View all CVEs affecting Ryzen 5600 Firmware →

Ryzen 5600g Firmware by Amd

View all CVEs affecting Ryzen 5600g Firmware →

Ryzen 5600ge Firmware by Amd

View all CVEs affecting Ryzen 5600ge Firmware →

Ryzen 5600x Firmware by Amd

View all CVEs affecting Ryzen 5600x Firmware →

Ryzen 5700g Firmware by Amd

View all CVEs affecting Ryzen 5700g Firmware →

Ryzen 5700ge Firmware by Amd

View all CVEs affecting Ryzen 5700ge Firmware →

Ryzen 5700x Firmware by Amd

View all CVEs affecting Ryzen 5700x Firmware →

Ryzen 5800 Firmware by Amd

View all CVEs affecting Ryzen 5800 Firmware →

Ryzen 5800x Firmware by Amd

View all CVEs affecting Ryzen 5800x Firmware →

Ryzen 5800x3d Firmware by Amd

View all CVEs affecting Ryzen 5800x3d Firmware →

Ryzen 5900 Firmware by Amd

View all CVEs affecting Ryzen 5900 Firmware →

Ryzen 5900x Firmware by Amd

View all CVEs affecting Ryzen 5900x Firmware →

Ryzen 5945wx Firmware by Amd

View all CVEs affecting Ryzen 5945wx Firmware →

Ryzen 5950x Firmware by Amd

View all CVEs affecting Ryzen 5950x Firmware →

Ryzen 5955wx Firmware by Amd

View all CVEs affecting Ryzen 5955wx Firmware →

Ryzen 5965wx Firmware by Amd

View all CVEs affecting Ryzen 5965wx Firmware →

Ryzen 5975wx Firmware by Amd

View all CVEs affecting Ryzen 5975wx Firmware →

Ryzen 5995wx Firmware by Amd

View all CVEs affecting Ryzen 5995wx Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash requiring physical power cycle, potentially leading to extended downtime in critical systems.

🟠

Likely Case

System instability or crash requiring reboot, disrupting operations temporarily.

🟢

If Mitigated

Minimal impact with proper patching and monitoring in place.

🌐 Internet-Facing: LOW - Requires local access or privileged execution on the system.

🏢 Internal Only: MEDIUM - Malicious insiders or compromised internal accounts could exploit this to disrupt systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires local system access and knowledge of SMI interfaces. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates specified in AMD-SB-4001 advisory

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

Restart Required: Yes

Instructions:

1. Check AMD advisory for affected processor models. 2. Download appropriate firmware update from motherboard/system manufacturer. 3. Apply firmware update following manufacturer instructions. 4. Reboot system to activate new firmware.

🔧 Temporary Workarounds

Restrict SMI access

all

Limit access to System Management Interface through BIOS/UEFI settings if possible

🧯 If You Can't Patch

• Isolate affected systems from untrusted users and networks
• Implement strict access controls and monitoring for privileged system access

🔍 How to Verify

Check if Vulnerable:

Copy

Check processor model and firmware version against AMD advisory AMD-SB-4001

Check Version:

Copy

On Linux: 'sudo dmidecode -t bios' or 'sudo cat /sys/class/dmi/id/bios_version'. On Windows: 'wmic bios get smbiosbiosversion'

Verify Fix Applied:

Copy

Verify firmware version after update matches patched versions in AMD advisory

📡 Detection & Monitoring

Log Indicators:

• System crash logs
• Kernel panic messages
• Unexpected reboots

Network Indicators:

• None - local exploitation only

SIEM Query:

Copy

EventID 41 (Windows) or kernel panic logs (Linux) from systems with AMD processors

📊 Metadata

CVE ID: CVE-2021-46794

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-125

Published: May 9, 2023

Last Updated: January 28, 2025

🔗 References

• https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory
• https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-46794, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)

CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)

CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)