CVEs-PoC/2021/CVE-2021-46792.md

### [CVE-2021-46792](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46792)
![](https://img.shields.io/static/v1?label=Product&message=Athlon%E2%84%A2%203000%20Series%20Mobile%20Processors%20with%20Radeon%E2%84%A2%20Graphics%20%E2%80%9CDali%E2%80%9D%2F%E2%80%9DDali%E2%80%9D%20ULP&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%202000%20Series%20Mobile%20Processors%20%E2%80%9CRaven%20Ridge%E2%80%9D%20FP5&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%202000%20series%20Desktop%20Processors%20%E2%80%9CRaven%20Ridge%E2%80%9D%20AM4&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%203000%20Series%20Mobile%20Processors%20with%20Radeon%E2%84%A2%20Graphics%20%E2%80%9CRenoir%E2%80%9D%20&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%203000%20Series%20Mobile%20processor%2C%202nd%20Gen%20AMD%20Ryzen%E2%84%A2%20Mobile%20Processors%20with%20Radeon%E2%84%A2%20Graphics%20%E2%80%9CPicasso%E2%80%9D&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%205000%20Series%20Desktop%20processor%20with%20Radeon%E2%84%A2%20Graphics%20%20%E2%80%9CCezanne%E2%80%9D%20AM4&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%205000%20Series%20Mobile%20Processors%20with%20Radeon%E2%84%A2%20Graphics%20%E2%80%9CLucienne%E2%80%9D&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Ryzen%E2%84%A2%205000%20Series%20Mobile%20processors%20with%20Radeon%E2%84%A2%20Graphics%20%E2%80%9CCezanne%E2%80%9D&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Various%20%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=various%20%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

Time-of-check Time-of-use (TOCTOU) in theBIOS2PSP command may allow an attacker with a malicious BIOS to create a racecondition causing the ASP bootloader to perform out-of-bounds SRAM reads uponan S3 resume event potentially leading to a denial of service.

### POC

#### Reference
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

#### Github
No PoCs found on GitHub currently.