Lucene search
HistoryMay 11, 2022 - 5:15 p.m.
CVE-2021-26364
cve-2021-26364
insufficient bounds checking
smu mailbox register
denial of service
nvd
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.
Affected configurations
Node
amdepyc_7232p_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7232pMatch-
Node
amdepyc_7302p_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7302pMatch-
Node
amdepyc_7402p_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7402pMatch-
Node
amdepyc_7502p_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7502pMatch-
Node
amdepyc_7702p_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7702pMatch-
Node
amdepyc_7252_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7252Match-
Node
amdepyc_7262_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7262Match-
Node
amdepyc_7272_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7272Match-
Node
amdepyc_7282_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7282Match-
Node
amdepyc_7302_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7302Match-
Node
amdepyc_7352_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7352Match-
Node
amdepyc_7402_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7402Match-
Node
amdepyc_7452_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7452Match-
Node
amdepyc_7502_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7502Match-
Node
amdepyc_7532_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7532Match-
Node
amdepyc_7542_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7542Match-
Node
amdepyc_7552_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7552Match-
Node
amdepyc_7642_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7642Match-
Node
amdepyc_7662_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7662Match-
Node
amdepyc_7702_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7702Match-
Node
amdepyc_7742_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7742Match-
Node
amdepyc_7f32_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f32Match-
Node
amdepyc_7f52_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f52Match-
Node
amdepyc_7f72_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f72Match-
Node
amdepyc_7f32_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f32Match-
Node
amdepyc_7f52_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f52Match-
Node
amdepyc_7f72_firmwareRange<romepi-sp3_1.0.0.d
amdepyc_7f72Match-
Node
amdepyc_7313p_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7313pMatch-
Node
amdepyc_7443p_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7443pMatch-
Node
amdepyc_7543p_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7543pMatch-
Node
amdepyc_7713p_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7713pMatch-
Node
amdepyc_7773x_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7773xMatch-
Node
amdepyc_7763_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7763Match-
Node
amdepyc_7713_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7713Match-
Node
amdepyc_7663_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7663Match-
Node
amdepyc_7643_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7643Match-
Node
amdepyc_7573x_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7573xMatch-
Node
amdepyc_75f3_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_75f3Match-
Node
amdepyc_7513_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7513Match-
Node
amdepyc_7473x_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7473xMatch-
Node
amdepyc_7453_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7453Match-
Node
amdepyc_74f3_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_74f3Match-
Node
amdepyc_7413_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7413Match-
Node
amdepyc_73f3_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_73f3Match-
Node
amdepyc_7373x_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7373xMatch-
Node
amdepyc_7343_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_7343Match-
Node
amdepyc_72f3_firmwareRange<milanpi-sp3_1.0.0.7
amdepyc_72f3Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| amd:epyc_7232p_firmware | amd epyc 7232p firmware | lt | romepi-sp3_1.0.0.d |
CNA Affected
[
{
"product": " EPYC™ Processors ",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various "
}
]
}
]Social References
More
Related
cnvd
cnvd
AMD CPUs Denial of Service Vulnerability
2022-05-13 00:00:00
prion
prion
Out-of-bounds
2022-05-11 17:15:00
cvelist
cvelist
CVE-2021-26364
2022-05-10 00:00:00
nvd
nvd
CVE-2021-26364
2022-05-11 17:15:08
amd
amd
AMD Server Vulnerabilities - May 2022
2022-05-10 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1847-1)
2022-05-26 00:00:00
SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2022:1846-1)
2022-05-26 00:00:00
SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1846-1)
2022-05-26 00:00:00
openSUSE: Security Advisory for kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
suse
suse
Security update for kernel-firmware (moderate)
2022-05-25 00:00:00
Security update for kernel-firmware (important)
2022-06-02 00:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2021-26364