CVE-2021-26369

EPSS 0.14%
Published 12.05.2022 18:16:53
Last modified 21.11.2024 05:56:13
Source psirt@amd.com
Teams watchlist Login
Open Login

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Amd ≫ Radeon Software Version-

Amd ≫ Athlon 3050ge Firmware Version-

Amd ≫ Athlon 3050ge Version-

Amd ≫ Athlon 3150g Firmware Version-

Amd ≫ Athlon 3150g Version-

Amd ≫ Athlon 3150ge Firmware Version-

Amd ≫ Athlon 3150ge Version-

Amd ≫ Ryzen 3 2200u Firmware Version-

Amd ≫ Ryzen 3 2200u Version-

Amd ≫ Ryzen 3 2300u Firmware Version-

Amd ≫ Ryzen 3 2300u Version-

Amd ≫ Ryzen 3 3100 Firmware Version-

Amd ≫ Ryzen 3 3100 Version-

Amd ≫ Ryzen 3 3300g Firmware Version-

Amd ≫ Ryzen 3 3300g Version-

Amd ≫ Ryzen 3 3300x Firmware Version-

Amd ≫ Ryzen 3 3300x Version-

Amd ≫ Ryzen 3 5125c Firmware Version-

Amd ≫ Ryzen 3 5125c Version-

Amd ≫ Ryzen 3 5400u Firmware Version-

Amd ≫ Ryzen 3 5400u Version-

Amd ≫ Ryzen 3 5425c Firmware Version-

Amd ≫ Ryzen 3 5425c Version-

Amd ≫ Ryzen 3 5425u Firmware Version-

Amd ≫ Ryzen 3 5425u Version-

Amd ≫ Ryzen 5 2500u Firmware Version-

Amd ≫ Ryzen 5 2500u Version-

Amd ≫ Ryzen 5 2600 Firmware Version-

Amd ≫ Ryzen 5 2600 Version-

Amd ≫ Ryzen 5 2600h Firmware Version-

Amd ≫ Ryzen 5 2600h Version-

Amd ≫ Ryzen 5 2600x Firmware Version-

Amd ≫ Ryzen 5 2600x Version-

Amd ≫ Ryzen 5 3400g Firmware Version-

Amd ≫ Ryzen 5 3400g Version-

Amd ≫ Ryzen 5 3450g Firmware Version-

Amd ≫ Ryzen 5 3450g Version-

Amd ≫ Ryzen 5 3600 Firmware Version-

Amd ≫ Ryzen 5 3600 Version-

Amd ≫ Ryzen 5 3600x Firmware Version-

Amd ≫ Ryzen 5 3600x Version-

Amd ≫ Ryzen 5 5600h Firmware Version-

Amd ≫ Ryzen 5 5600h Version-

Amd ≫ Ryzen 5 5600hs Firmware Version-

Amd ≫ Ryzen 5 5600hs Version-

Amd ≫ Ryzen 5 5600u Firmware Version-

Amd ≫ Ryzen 5 5600u Version-

Amd ≫ Ryzen 5 5600x Firmware Version-

Amd ≫ Ryzen 5 5600x Version-

Amd ≫ Ryzen 5 5625c Firmware Version-

Amd ≫ Ryzen 5 5625c Version-

Amd ≫ Ryzen 5 5625u Firmware Version-

Amd ≫ Ryzen 5 5625u Version-

Amd ≫ Ryzen 5 5700g Firmware Version-

Amd ≫ Ryzen 5 5700g Version-

Amd ≫ Ryzen 5 5700ge Firmware Version-

Amd ≫ Ryzen 5 5700ge Version-

Amd ≫ Ryzen 7 2700 Firmware Version-

Amd ≫ Ryzen 7 2700 Version-

Amd ≫ Ryzen 7 2700u Firmware Version-

Amd ≫ Ryzen 7 2700u Version-

Amd ≫ Ryzen 7 2700x Firmware Version-

Amd ≫ Ryzen 7 2700x Version-

Amd ≫ Ryzen 7 2800h Firmware Version-

Amd ≫ Ryzen 7 2800h Version-

Amd ≫ Ryzen 7 3700x Firmware Version-

Amd ≫ Ryzen 7 3700x Version-

Amd ≫ Ryzen 7 3800x Firmware Version-

Amd ≫ Ryzen 7 3800x Version-

Amd ≫ Ryzen 7 5800h Firmware Version-

Amd ≫ Ryzen 7 5800h Version-

Amd ≫ Ryzen 7 5800hs Firmware Version-

Amd ≫ Ryzen 7 5800hs Version-

Amd ≫ Ryzen 7 5800u Firmware Version-

Amd ≫ Ryzen 7 5800u Version-

Amd ≫ Ryzen 7 5825c Firmware Version-

Amd ≫ Ryzen 7 5825c Version-

Amd ≫ Ryzen 7 5825u Firmware Version-

Amd ≫ Ryzen 7 5825u Version-

Amd ≫ Ryzen 9 3900x Firmware Version-

Amd ≫ Ryzen 9 3900x Version-

Amd ≫ Ryzen 9 3950x Firmware Version-

Amd ≫ Ryzen 9 3950x Version-

Amd ≫ Ryzen 9 5900hs Firmware Version-

Amd ≫ Ryzen 9 5900hs Version-

Amd ≫ Ryzen 9 5900hx Firmware Version-

Amd ≫ Ryzen 9 5900hx Version-

Amd ≫ Ryzen 9 5980hs Firmware Version-

Amd ≫ Ryzen 9 5980hs Version-

Amd ≫ Ryzen 9 5980hx Firmware Version-

Amd ≫ Ryzen 9 5980hx Version-

Amd ≫ Ryzen Threadripper 2920x Firmware Version-

Amd ≫ Ryzen Threadripper 2920x Version-

Amd ≫ Ryzen Threadripper 2950x Firmware Version-

Amd ≫ Ryzen Threadripper 2950x Version-

Amd ≫ Ryzen Threadripper 2970wx Firmware Version-

Amd ≫ Ryzen Threadripper 2970wx Version-

Amd ≫ Ryzen Threadripper 2990wx Firmware Version-

Amd ≫ Ryzen Threadripper 2990wx Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.14%	0.343

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-26369

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26369

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26369

EUVD