CVE-2021-26352

EPSS 0.13%
Published 10.05.2022 19:15:08
Last modified 21.11.2024 05:56:11
Source psirt@amd.com
Teams watchlist Login
Open Login

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Amd ≫ Ryzen 5 2600 Firmware Version-

Amd ≫ Ryzen 5 2600 Version-

Amd ≫ Ryzen 5 2600x Firmware Version-

Amd ≫ Ryzen 5 2600x Version-

Amd ≫ Ryzen 5 2700x Firmware Version-

Amd ≫ Ryzen 5 2700x Version-

Amd ≫ Ryzen 5 2700 Firmware Version-

Amd ≫ Ryzen 5 2700 Version-

Amd ≫ Ryzen 5 3600 Firmware Version-

Amd ≫ Ryzen 5 3600 Version-

Amd ≫ Ryzen 5 3600x Firmware Version-

Amd ≫ Ryzen 5 3600x Version-

Amd ≫ Ryzen 7 3700x Firmware Version-

Amd ≫ Ryzen 7 3700x Version-

Amd ≫ Ryzen 7 3800x Firmware Version-

Amd ≫ Ryzen 7 3800x Version-

Amd ≫ Ryzen 9 3900x Firmware Version-

Amd ≫ Ryzen 9 3900x Version-

Amd ≫ Ryzen 9 3950x Firmware Version-

Amd ≫ Ryzen 9 3950x Version-

Amd ≫ Ryzen 9 5950x Firmware Version-

Amd ≫ Ryzen 9 5950x Version-

Amd ≫ Ryzen 9 5900x Firmware Version-

Amd ≫ Ryzen 9 5900x Version-

Amd ≫ Ryzen 7 5800x Firmware Version-

Amd ≫ Ryzen 7 5800x Version-

Amd ≫ Ryzen 7 5700g Firmware Version-

Amd ≫ Ryzen 7 5700g Version-

Amd ≫ Ryzen 7 5700ge Firmware Version-

Amd ≫ Ryzen 7 5700ge Version-

Amd ≫ Ryzen 5 5600g Firmware Version-

Amd ≫ Ryzen 5 5600g Version-

Amd ≫ Ryzen 5 5600x Firmware Version-

Amd ≫ Ryzen 5 5600x Version-

Amd ≫ Ryzen 5 5600ge Firmware Version-

Amd ≫ Ryzen 5 5600ge Version-

Amd ≫ Ryzen 3 5300g Firmware Version-

Amd ≫ Ryzen 3 5300g Version-

Amd ≫ Ryzen 3 5300ge Firmware Version-

Amd ≫ Ryzen 3 5300ge Version-

Amd ≫ Ryzen Threadripper 2990wx Firmware Version-

Amd ≫ Ryzen Threadripper 2990wx Version-

Amd ≫ Ryzen Threadripper 2970wx Firmware Version-

Amd ≫ Ryzen Threadripper 2970wx Version-

Amd ≫ Ryzen Threadripper 2950x Firmware Version-

Amd ≫ Ryzen Threadripper 2950x Version-

Amd ≫ Ryzen Threadripper 2920x Firmware Version-

Amd ≫ Ryzen Threadripper 2920x Version-

Amd ≫ Ryzen Threadripper 3970x Firmware Version-

Amd ≫ Ryzen Threadripper 3970x Version-

Amd ≫ Ryzen Threadripper Pro 5995wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 5995wx Version-

Amd ≫ Ryzen Threadripper Pro 5975wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 5975wx Version-

Amd ≫ Ryzen Threadripper Pro 5965wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 5965wx Version-

Amd ≫ Ryzen Threadripper Pro 5955wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 5955wx Version-

Amd ≫ Ryzen Threadripper Pro 5945wx Firmware Version-

Amd ≫ Ryzen Threadripper Pro 5945wx Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.13%	0.327

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-26352

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26352

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26352

EUVD