A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a compromised BIOS to cause the TEE OS to read memory out of bounds that could potentially result in a denial of service. Reference: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1031
Affected Products: ------------------ AMD Athlon™ Processors AMD Ryzen™ Processors AMD Threadripper™ Processors
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-46795