CVE-2021-26347

EPSS 0.15%
Veröffentlicht 11.05.2022 17:15:08
Zuletzt bearbeitet 21.11.2024 05:56:10
Quelle psirt@amd.com
Teams Watchlist Login
Unerledigt Login

Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Amd ≫ Epyc 7763 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7763 Version-

Amd ≫ Epyc 7713p Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7713p Version-

Amd ≫ Epyc 7713 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7713 Version-

Amd ≫ Epyc 7663 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7663 Version-

Amd ≫ Epyc 7643 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7643 Version-

Amd ≫ Epyc 75f3 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 75f3 Version-

Amd ≫ Epyc 7543p Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7543p Version-

Amd ≫ Epyc 7543 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7543 Version-

Amd ≫ Epyc 7513 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7513 Version-

Amd ≫ Epyc 7453 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7453 Version-

Amd ≫ Epyc 74f3 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 74f3 Version-

Amd ≫ Epyc 7443p Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7443p Version-

Amd ≫ Epyc 7443 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7443 Version-

Amd ≫ Epyc 7413 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7413 Version-

Amd ≫ Epyc 73f3 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 73f3 Version-

Amd ≫ Epyc 7343 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7343 Version-

Amd ≫ Epyc 7313p Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7313p Version-

Amd ≫ Epyc 7313 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7313 Version-

Amd ≫ Epyc 72f3 Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 72f3 Version-

Amd ≫ Epyc 7773x Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7773x Version-

Amd ≫ Epyc 7473x Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7473x Version-

Amd ≫ Epyc 7573x Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7573x Version-

Amd ≫ Epyc 7373x Firmware Version < milanpi-sp3_1.0.0.7

Amd ≫ Epyc 7373x Version-

Amd ≫ Epyc 7002 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7002 Version-

Amd ≫ Epyc 7232p Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7232p Version-

Amd ≫ Epyc 7252 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7252 Version-

Amd ≫ Epyc 7262 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7262 Version-

Amd ≫ Epyc 7272 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7272 Version-

Amd ≫ Epyc 7282 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7282 Version-

Amd ≫ Epyc 7302 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7302 Version-

Amd ≫ Epyc 7302p Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7302p Version-

Amd ≫ Epyc 7352 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7352 Version-

Amd ≫ Epyc 7402 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7402 Version-

Amd ≫ Epyc 7402p Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7402p Version-

Amd ≫ Epyc 7452 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7452 Version-

Amd ≫ Epyc 7502 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7502 Version-

Amd ≫ Epyc 7502p Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7502p Version-

Amd ≫ Epyc 7532 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7532 Version-

Amd ≫ Epyc 7542 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7542 Version-

Amd ≫ Epyc 7552 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7552 Version-

Amd ≫ Epyc 7642 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7642 Version-

Amd ≫ Epyc 7662 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7662 Version-

Amd ≫ Epyc 7702 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7702 Version-

Amd ≫ Epyc 7702p Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7702p Version-

Amd ≫ Epyc 7742 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7742 Version-

Amd ≫ Epyc 7f32 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7f32 Version-

Amd ≫ Epyc 7h12 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7h12 Version-

Amd ≫ Epyc 7f72 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7f72 Version-

Amd ≫ Epyc 7f52 Firmware Version < romepi-sp3_1.0.0.d

Amd ≫ Epyc 7f52 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.354

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:N/I:N/A:C

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031

https://nvd.nist.gov/vuln/detail/CVE-2021-26347

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26347

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26347

EUVD