7.4
CVE-2021-26356
- EPSS 0.14%
- Published 09.05.2023 19:15:10
- Last modified 28.01.2025 16:15:29
- Source psirt@amd.com
- Teams watchlist Login
- Open Login
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
Data is provided by the National Vulnerability Database (NVD)
Amd ≫ Epyc 7001 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7251 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7261 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7281 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7301 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7351 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7351p Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7371 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7401 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7401p Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7451 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7501 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7551 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7551p Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7601 Firmware Version < naplespi_1.0.0.h
Amd ≫ Epyc 7002 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7232p Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7252 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7262 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7272 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7282 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7302 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7302p Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7352 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7402 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7402p Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7452 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7502 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7532 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7542 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7552 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7642 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7662 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7702 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7702p Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7f32 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7f52 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7f72 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7h12 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7742 Firmware Version < romepi_1.0.0.d
Amd ≫ Epyc 7773x Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7763 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7713p Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7713 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7663 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7643 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 75f3 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7573x Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7543p Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7543 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7513 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 74f3 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7473x Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7443p Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7443 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7453 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7413 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7373x Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7313 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7313p Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 7343 Firmware Version < milanpi_1.0.0.6
Amd ≫ Epyc 72f3 Firmware Version < milanpi_1.0.0.6
Amd ≫ Ryzen 9 3950x Firmware Version-
Amd ≫ Ryzen 9 3950xt Firmware Version-
Amd ≫ Ryzen 9 3900 Firmware Version-
Amd ≫ Ryzen 9 3900x Firmware Version-
Amd ≫ Ryzen 7 3800x Firmware Version-
Amd ≫ Ryzen 7 3800xt Firmware Version-
Amd ≫ Ryzen 7 3700xt Firmware Version-
Amd ≫ Ryzen 5 3600x Firmware Version-
Amd ≫ Ryzen 5 3600xt Firmware Version-
Amd ≫ Ryzen 5 3600 Firmware Version-
Amd ≫ Ryzen 5 3500x Firmware Version-
Amd ≫ Ryzen 5 3500 Firmware Version-
Amd ≫ Ryzen 3 3300x Firmware Version-
Amd ≫ Ryzen 3 3100 Firmware Version-
Amd ≫ Ryzen 9 5950x Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 9 5900x Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 9 5900 Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 7 5800x3d Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 7 5800x Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 7 5800 Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 7 5700x Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 5 5600 Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 5 5600x Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen 5 5500 Firmware Version < comboam4_v2_pi_1.2.0.6
Amd ≫ Ryzen Threadripper 3990x Firmware Version-
Amd ≫ Ryzen Threadripper 3970x Firmware Version-
Amd ≫ Ryzen Threadripper 3960x Firmware Version-
Amd ≫ Ryzen Threadripper Pro 3995wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 3975wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 3955wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 3945wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 5955wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 5965wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 5945wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 5975wx Firmware Version-
Amd ≫ Ryzen Threadripper Pro 5995wx Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.3 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.