CVE-2021-26365

EPSS 0.17%
Published 09.05.2023 19:15:10
Last modified 28.01.2025 16:15:29
Source psirt@amd.com
Teams watchlist Login
Open Login

Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Amd ≫ Ryzen 5 2400g Firmware Version-

Amd ≫ Ryzen 5 2400g Version-

Amd ≫ Ryzen 5 2400ge Firmware Version-

Amd ≫ Ryzen 5 2400ge Version-

Amd ≫ Ryzen 3 2200ge Firmware Version-

Amd ≫ Ryzen 3 2200ge Version-

Amd ≫ Ryzen 3 2200g Firmware Version-

Amd ≫ Ryzen 3 2200g Version-

Amd ≫ Ryzen 3 Pro 2100ge Firmware Version-

Amd ≫ Ryzen 3 Pro 2100ge Version-

Amd ≫ Ryzen 9 5900x Firmware Version-

Amd ≫ Ryzen 9 5900x Version-

Amd ≫ Ryzen 9 5950x Firmware Version-

Amd ≫ Ryzen 9 5950x Version-

Amd ≫ Ryzen 9 5900 Firmware Version-

Amd ≫ Ryzen 9 5900 Version-

Amd ≫ Ryzen 7 5800 Firmware Version-

Amd ≫ Ryzen 7 5800 Version-

Amd ≫ Ryzen 7 5800x Firmware Version-

Amd ≫ Ryzen 7 5800x Version-

Amd ≫ Ryzen 7 5800x3d Firmware Version-

Amd ≫ Ryzen 7 5800x3d Version-

Amd ≫ Ryzen 7 5700x Firmware Version-

Amd ≫ Ryzen 7 5700x Version-

Amd ≫ Ryzen 5 5600 Firmware Version-

Amd ≫ Ryzen 5 5600 Version-

Amd ≫ Ryzen 5 5600x Firmware Version-

Amd ≫ Ryzen 5 5600x Version-

Amd ≫ Ryzen 5 5500 Firmware Version-

Amd ≫ Ryzen 5 5500 Version-

Amd ≫ Ryzen 3 3200u Firmware Version < picassopi-fp5_1.0.0.d

Amd ≫ Ryzen 3 3200u Version-

Amd ≫ Ryzen 3 3250c Firmware Version < picassopi-fp5_1.0.0.d

Amd ≫ Ryzen 3 3250c Version-

Amd ≫ Ryzen 3 3250u Firmware Version < picassopi-fp5_1.0.0.d

Amd ≫ Ryzen 3 3250u Version-

Amd ≫ Amd 3015e Firmware Version < pollockpi-ft5_1.0.0.3

Amd ≫ Amd 3015e Version-

Amd ≫ Amd 3015ce Firmware Version < pollockpi-ft5_1.0.0.3

Amd ≫ Amd 3015ce Version-

Amd ≫ Ryzen 7 2800h Firmware Version-

Amd ≫ Ryzen 7 2800h Version-

Amd ≫ Ryzen 7 2700u Firmware Version-

Amd ≫ Ryzen 7 2700u Version-

Amd ≫ Ryzen 5 2600h Firmware Version-

Amd ≫ Ryzen 5 2600h Version-

Amd ≫ Ryzen 5 2500u Firmware Version-

Amd ≫ Ryzen 5 2500u Version-

Amd ≫ Ryzen 3 2300u Firmware Version-

Amd ≫ Ryzen 3 2300u Version-

Amd ≫ Ryzen 3 2200u Firmware Version-

Amd ≫ Ryzen 3 2200u Version-

Amd ≫ Ryzen 5 3400g Firmware Version-

Amd ≫ Ryzen 5 3400g Version-

Amd ≫ Ryzen 5 Pro 3400g Firmware Version-

Amd ≫ Ryzen 5 Pro 3400g Version-

Amd ≫ Ryzen 5 Pro 3400ge Firmware Version-

Amd ≫ Ryzen 5 Pro 3400ge Version-

Amd ≫ Ryzen 5 Pro 3350g Firmware Version-

Amd ≫ Ryzen 5 Pro 3350g Version-

Amd ≫ Ryzen 5 Pro 3350ge Firmware Version-

Amd ≫ Ryzen 5 Pro 3350ge Version-

Amd ≫ Ryzen 3 Pro 3200g Firmware Version-

Amd ≫ Ryzen 3 Pro 3200g Version-

Amd ≫ Ryzen 3 3200g Firmware Version-

Amd ≫ Ryzen 3 3200g Version-

Amd ≫ Ryzen 3 3200ge Firmware Version-

Amd ≫ Ryzen 3 3200ge Version-

Amd ≫ Ryzen 3 Pro 3200ge Firmware Version-

Amd ≫ Ryzen 3 Pro 3200ge Version-

Amd ≫ Ryzen 7 5700u Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 7 5700u Version-

Amd ≫ Ryzen 5 5500u Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 5 5500u Version-

Amd ≫ Ryzen 3 5300u Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 3 5300u Version-

Amd ≫ Ryzen 7 5700g Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 7 5700g Version-

Amd ≫ Ryzen 7 5700ge Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 7 5700ge Version-

Amd ≫ Ryzen 5 5600g Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 5 5600g Version-

Amd ≫ Ryzen 5 5600ge Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 5 5600ge Version-

Amd ≫ Ryzen 3 5300g Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 3 5300g Version-

Amd ≫ Ryzen 3 5300ge Firmware Version < cezannepi-fp6_1.0.0.8

Amd ≫ Ryzen 3 5300ge Version-

Amd ≫ Ryzen 9 6980hx Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 9 6980hx Version-

Amd ≫ Ryzen 9 6980hs Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 9 6980hs Version-

Amd ≫ Ryzen 9 6900hx Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 9 6900hx Version-

Amd ≫ Ryzen 9 6900hs Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 9 6900hs Version-

Amd ≫ Ryzen 7 6800h Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 7 6800h Version-

Amd ≫ Ryzen 7 6800hs Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 7 6800hs Version-

Amd ≫ Ryzen 7 6800u Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 7 6800u Version-

Amd ≫ Ryzen 5 6600h Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 5 6600h Version-

Amd ≫ Ryzen 5 6600hs Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 5 6600hs Version-

Amd ≫ Ryzen 5 6600u Firmware Version < rmb_1.0.0.4

Amd ≫ Ryzen 5 6600u Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.17%	0.355

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-26365

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26365

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26365

EUVD