Lucene search

[email protected]CVE-2021-26391

HistoryNov 09, 2022 - 9:15 p.m.

CVE-2021-26391

2022-11-0921:15:12

[email protected]

web.nvd.nist.gov

cve-2021-26391

insufficient verification

header signatures

trusted application

code execution

kernel

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.

Affected configurations

NVD

Node

amdradeon_pro_w5500Match-

amdradeon_pro_w5500xMatch-

amdradeon_pro_w5700Match-

amdradeon_pro_w5700xMatch-

amdradeon_pro_w6300mMatch-

amdradeon_pro_w6400Match-

amdradeon_pro_w6500mMatch-

amdradeon_pro_w6600Match-

amdradeon_pro_w6600mMatch-

amdradeon_pro_w6600xMatch-

amdradeon_pro_w6800Match-

amdradeon_pro_w6800xMatch-

amdradeon_pro_w6800x_duoMatch-

amdradeon_pro_w6900xMatch-

amdradeon_rx_5300Match-

amdradeon_rx_5300_xtMatch-

amdradeon_rx_5300mMatch-

amdradeon_rx_5500Match-

amdradeon_rx_5500_xtMatch-

amdradeon_rx_5500mMatch-

amdradeon_rx_5600Match-

amdradeon_rx_5600_xtMatch-

amdradeon_rx_5600mMatch-

amdradeon_rx_5700Match-

amdradeon_rx_5700_xtMatch-

amdradeon_rx_5700mMatch-

amdradeon_rx_6300mMatch-

amdradeon_rx_6400Match-

amdradeon_rx_6500_xtMatch-

amdradeon_rx_6500mMatch-

amdradeon_rx_6600Match-

amdradeon_rx_6600_xtMatch-

amdradeon_rx_6600mMatch-

amdradeon_rx_6600sMatch-

amdradeon_rx_6650_xtMatch-

amdradeon_rx_6650mMatch-

amdradeon_rx_6650m_xtMatch-

amdradeon_rx_6700Match-

amdradeon_rx_6700_xtMatch-

amdradeon_rx_6700mMatch-

amdradeon_rx_6700sMatch-

amdradeon_rx_6750_xtMatch-

amdradeon_rx_6800Match-

amdradeon_rx_6800_xtMatch-

amdradeon_rx_6800mMatch-

amdradeon_rx_6800sMatch-

amdradeon_rx_6850m_xtMatch-

amdradeon_rx_6900_xtMatch-

amdradeon_rx_6950_xtMatch-

AND

amdenterprise_driverRange<22.10.20

amdradeon_pro_softwareRange<22.q2enterprise

amdradeon_softwareRange<22.5.2

Node

amdradeon_rx_vega_56Match-

AND

amdradeon_rx_vega_56_firmwareMatch-

Node

amdradeon_rx_vega_64Match-

AND

amdradeon_rx_vega_64_firmwareMatch-

Node

amdryzen_3_5300ge_firmwareMatch-

AND

amdryzen_3_5300geMatch-

Node

amdryzen_3_5300g_firmwareMatch-

AND

amdryzen_3_5300gMatch-

Node

amdryzen_5_5600ge_firmwareMatch-

AND

amdryzen_5_5600geMatch-

Node

amdryzen_5_5600g_firmwareMatch-

AND

amdryzen_5_5600gMatch-

Node

amdryzen_7_5700ge_firmwareMatch-

AND

amdryzen_7_5700geMatch-

Node

amdryzen_7_5700g_firmwareMatch-

AND

amdryzen_7_5700gMatch-

Node

amdryzen_3_5300u_firmwareMatch-

AND

amdryzen_3_5300uMatch-

Node

amdryzen_5_5500u_firmwareMatch-

AND

amdryzen_5_5500uMatch-

Node

amdryzen_7_5700u_firmwareMatch-

AND

amdryzen_7_5700uMatch-

Node

amdryzen_3_5400u_firmwareMatch-

AND

amdryzen_3_5400uMatch-

Node

amdryzen_5_5560u_firmwareMatch-

AND

amdryzen_5_5560uMatch-

Node

amdryzen_5_5600u_firmwareMatch-

AND

amdryzen_5_5600uMatch-

Node

amdryzen_5_5600h_firmwareMatch-

AND

amdryzen_5_5600hMatch-

Node

amdryzen_5_5600hs_firmwareMatch-

AND

amdryzen_5_5600hsMatch-

Node

amdryzen_7_5800u_firmwareMatch-

AND

amdryzen_7_5800uMatch-

Node

amdryzen_7_5800h_firmwareMatch-

AND

amdryzen_7_5800hMatch-

Node

amdryzen_7_5800hs_firmwareMatch-

AND

amdryzen_7_5800hsMatch-

Node

amdryzen_9_5900hs_firmwareMatch-

AND

amdryzen_9_5900hsMatch-

Node

amdryzen_9_5900hx_firmwareMatch-

AND

amdryzen_9_5900hxMatch-

Node

amdryzen_9_5980hs_firmwareMatch-

AND

amdryzen_9_5980hsMatch-

Node

amdryzen_9_5980hx_firmwareMatch-

AND

amdryzen_9_5980hxMatch-

CPENameOperatorVersion
amd:enterprise_driveramd enterprise driverlt22.10.20
amd:radeon_pro_softwareamd radeon pro softwarelt22.q2
amd:radeon_softwareamd radeon softwarelt22.5.2

CPE	Name	Operator	Version
amd:enterprise_driver	amd enterprise driver	lt	22.10.20
amd:radeon_pro_software	amd radeon pro software	lt	22.q2
amd:radeon_software	amd radeon software	lt	22.5.2

CNA Affected

[
  {
    "vendor": "AMD",
    "product": "AMD Radeon RX 5000 Series & PRO W5000 Series ",
    "versions": [
      {
        "version": "AMD Radeon Software",
        "status": "affected",
        "lessThan": "22.5.2",
        "versionType": "custom"
      },
      {
        "version": "AMD Radeon Pro Software Enterprise",
        "status": "affected",
        "lessThan": "22.Q2",
        "versionType": "custom"
      },
      {
        "version": "Enterprise Driver",
        "status": "affected",
        "lessThan": "22.10.20",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "AMD",
    "product": "AMD Radeon RX 6000 Series & PRO W6000 Series ",
    "versions": [
      {
        "version": "AMD Radeon Software",
        "status": "affected",
        "lessThan": "22.5.2",
        "versionType": "custom"
      },
      {
        "version": "AMD Radeon Pro Software Enterprise",
        "status": "affected",
        "lessThan": "22.Q2",
        "versionType": "custom"
      },
      {
        "version": "Enterprise Driver",
        "status": "affected",
        "lessThan": "22.10.20",
        "versionType": "custom"
      }
    ]
  }
]