Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-26342
HistoryMay 11, 2022 - 5:15 p.m.

CVE-2021-26342

2022-05-1117:15:08
[email protected]
web.nvd.nist.gov
95
4
cve-2021-26342
tlb
sev
guest vm
memory disclosure
nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

Affected configurations

NVD
Node
amdepyc_7763_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7763Match-
Node
amdepyc_7713p_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7713pMatch-
Node
amdepyc_7713_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7713Match-
Node
amdepyc_7663_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7663Match-
Node
amdepyc_7643_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7643Match-
Node
amdepyc_75f3_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_75f3Match-
Node
amdepyc_7543p_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7543pMatch-
Node
amdepyc_7543_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7543Match-
Node
amdepyc_7513_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7513Match-
Node
amdepyc_7453_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7453Match-
Node
amdepyc_74f3_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_74f3Match-
Node
amdepyc_7443p_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7443pMatch-
Node
amdepyc_7443_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7443Match-
Node
amdepyc_7413_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7413Match-
Node
amdepyc_73f3_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_73f3Match-
Node
amdepyc_7343_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7343Match-
Node
amdepyc_7313p_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7313pMatch-
Node
amdepyc_7313_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7313Match-
Node
amdepyc_72f3_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_72f3Match-
Node
amdepyc_7773x_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7773xMatch-
Node
amdepyc_7473x_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7473xMatch-
Node
amdepyc_7573x_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7573xMatch-
Node
amdepyc_7373x_firmwareRange<milanpi-sp3_1.0.0.7
AND
amdepyc_7373xMatch-
Node
amdepyc_7001_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7001Match-
Node
amdepyc_7251_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7251Match-
Node
amdepyc_7261_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7261Match-
Node
amdepyc_7281_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7281Match-
Node
amdepyc_7301_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7301Match-
Node
amdepyc_7351_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7351Match-
Node
amdepyc_7351p_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7351pMatch-
Node
amdepyc_7371_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7371Match-
Node
amdepyc_7401_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7401Match-
Node
amdepyc_7401p_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7401pMatch-
Node
amdepyc_7451_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7451Match-
Node
amdepyc_7501_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7501Match-
Node
amdepyc_7551_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7551Match-
Node
amdepyc_7551p_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7551pMatch-
Node
amdepyc_7601_firmwareRange<naplespi-sp3_1.0.0.h
AND
amdepyc_7601Match-

CNA Affected

[
  {
    "product": " EPYC™ Processors ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

Social References

More

Related

prion 1
cvelist 1
nvd 1
amd 1
openvas 7
nessus 5
suse 2
prion
prion
Code injection
2022-05-11 17:15:00
cvelist
cvelist
CVE-2021-26342
2022-05-10 00:00:00
nvd
nvd
CVE-2021-26342
2022-05-11 17:15:08
amd
amd
AMD Server Vulnerabilities - May 2022
2022-05-10 00:00:00
openvas
openvas
openSUSE: Security Advisory for kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1846-1)
2022-05-26 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1847-1)
2022-05-26 00:00:00
SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2022:1846-1)
2022-05-26 00:00:00
SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
suse
suse
Security update for kernel-firmware (moderate)
2022-05-25 00:00:00
Security update for kernel-firmware (important)
2022-06-02 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for CVE-2021-26342
prion1cvelist1nvd1amd1openvas7nessus5suse2