CVE-2021-26383

EPSS 0.02%
Veröffentlicht 05.09.2025 23:21:25
Zuletzt bearbeitet 08.09.2025 16:25:38
Quelle psirt@amd.com
Teams Watchlist Login
Unerledigt Login

Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerAMD

≫

Produkt AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics

Default Statusaffected

Version CezannePI-FP6 1.0.0.6

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ 4000 Series Desktop Processors

Default Statusaffected

Version ComboAM4v2 PI 1.2.0.5

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics

Default Statusaffected

Version CezannePI-FP6 1.0.0.6

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics

Default Statusaffected

Version ComboAM4v2 PI 1.2.0.5

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics

Default Statusaffected

Version RenoirPI-FP6 1.0.0.7

Status unaffected

HerstellerAMD

≫

Produkt AMD Ryzen™ Embedded V2000 Series Processors

Default Statusaffected

Version EmbeddedPI-FP6_1.0.0.6

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ RX 5000 Series Graphics Products

Default Statusaffected

Version AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ RX 6000 Series Graphics Products

Default Statusaffected

Version AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO W5000 Series Graphics Products

Default Statusaffected

Version AMD Software: PRO Edition 23.Q1 (22.40.37.05)

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO W6000 Series Graphics Products

Default Statusaffected

Version AMD Software: PRO Edition 23.Q1 (22.40.37.05)

Status unaffected

HerstellerAMD

≫

Produkt AMD Instinct™ MI210

Default Statusaffected

Version ROCm 6.4

Status unaffected

HerstellerAMD

≫

Produkt AMD Instinct™ MI250

Default Statusaffected

Version ROCm 6.4

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO V520 Graphics Products

Default Statusaffected

Version Contact your AMD Customer Engineering representative

Status unaffected

HerstellerAMD

≫

Produkt AMD Radeon™ PRO V620 Graphics Products

Default Statusaffected

Version Contact your AMD Customer Engineering representative

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.029

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@amd.com	7.9	1.5	5.8	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html

https://nvd.nist.gov/vuln/detail/CVE-2021-26383

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26383

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26383

EUVD