Lucene search

[email protected]CVE-2021-26397

HistoryMay 09, 2023 - 7:15 p.m.

CVE-2021-26397

2023-05-0919:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2021-26397

address validation

memory corruption

security vulnerability

nvd

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.3 High

AI Score

Confidence

High

3.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.5%

JSON

Insufficient address validation, may allow an
attacker with a compromised ABL and UApp to corrupt sensitive memory locations
potentially resulting in a loss of integrity or availability.

CPENameOperatorVersion
amd:epyc_72f3_firmwareamd epyc 72f3 firmwareltmilanpi_1.0.0.9
amd:epyc_7313_firmwareamd epyc 7313 firmwareltmilanpi_1.0.0.9
amd:epyc_7313p_firmwareamd epyc 7313p firmwareltmilanpi_1.0.0.9
amd:epyc_7343_firmwareamd epyc 7343 firmwareltmilanpi_1.0.0.9
amd:epyc_7373x_firmwareamd epyc 7373x firmwareltmilanpi_1.0.0.9
amd:epyc_73f3_firmwareamd epyc 73f3 firmwareltmilanpi_1.0.0.9
amd:epyc_7413_firmwareamd epyc 7413 firmwareltmilanpi_1.0.0.9
amd:epyc_7443_firmwareamd epyc 7443 firmwareltmilanpi_1.0.0.9
amd:epyc_7443p_firmwareamd epyc 7443p firmwareltmilanpi_1.0.0.9
amd:epyc_7453_firmwareamd epyc 7453 firmwareltmilanpi_1.0.0.9

CPE	Name	Operator	Version
amd:epyc_72f3_firmware	amd epyc 72f3 firmware	lt	milanpi_1.0.0.9
amd:epyc_7313_firmware	amd epyc 7313 firmware	lt	milanpi_1.0.0.9
amd:epyc_7313p_firmware	amd epyc 7313p firmware	lt	milanpi_1.0.0.9
amd:epyc_7343_firmware	amd epyc 7343 firmware	lt	milanpi_1.0.0.9
amd:epyc_7373x_firmware	amd epyc 7373x firmware	lt	milanpi_1.0.0.9
amd:epyc_73f3_firmware	amd epyc 73f3 firmware	lt	milanpi_1.0.0.9
amd:epyc_7413_firmware	amd epyc 7413 firmware	lt	milanpi_1.0.0.9
amd:epyc_7443_firmware	amd epyc 7443 firmware	lt	milanpi_1.0.0.9
amd:epyc_7443p_firmware	amd epyc 7443p firmware	lt	milanpi_1.0.0.9
amd:epyc_7453_firmware	amd epyc 7453 firmware	lt	milanpi_1.0.0.9

Rows per page:

1-10 of 231

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.3 High

AI Score

Confidence

High

3.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.5%

JSON

Related for CVE-2021-26397

cvelist1 prion1 amd1