Lucene search

[email protected]CVE-2021-26328

HistoryJan 11, 2023 - 8:15 a.m.

CVE-2021-26328

2023-01-1108:15:10

[email protected]

web.nvd.nist.gov

cve-2021-26328

cpu execution

snp_init

memory integrity

snp guests

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss of memory integrity for SNP guests.

Affected configurations

NVD

Node

amdepyc_7003_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7003Match-

Node

amdepyc_72f3_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_72f3Match-

Node

amdepyc_7313_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7313Match-

Node

amdepyc_7313p_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7313pMatch-

Node

amdepyc_7343_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7343Match-

Node

amdepyc_7373x_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7373xMatch-

Node

amdepyc_73f3_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_73f3Match-

Node

amdepyc_7413_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7413Match-

Node

amdepyc_7443_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7443Match-

Node

amdepyc_7443p_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7443pMatch-

Node

amdepyc_7453_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7453Match-

Node

amdepyc_74f3_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_74f3Match-

Node

amdepyc_7513_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7513Match-

Node

amdepyc_7543Match-

AND

amdepyc_7543_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7543pMatch-

AND

amdepyc_7543p_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7573xMatch-

AND

amdepyc_7573x_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_75f3Match-

AND

amdepyc_75f3_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7643Match-

AND

amdepyc_7643_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7663Match-

AND

amdepyc_7663_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7713Match-

AND

amdepyc_7713_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7713pMatch-

AND

amdepyc_7713p_firmwareRange<milanpi_1.0.0.8

Node

amdepyc_7743_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7743Match-

Node

amdepyc_7763_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7763Match-

Node

amdepyc_7773x_firmwareRange<milanpi_1.0.0.8

AND

amdepyc_7773xMatch-

CPENameOperatorVersion
amd:epyc_7003_firmwareamd epyc 7003 firmwareltmilanpi_1.0.0.8

CPE	Name	Operator	Version
amd:epyc_7003_firmware	amd epyc 7003 firmware	lt	milanpi_1.0.0.8

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen EPYC",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]