CVE-2021-26406

🗓️ 09 May 2023 18:59:29Reported by AMDType

Insufficient validation in parsing OCA certificates in SEV can lead to host cras

Reporter	Title	Published	Views	Family All 11
Amd	AMD Server Vulnerabilities – May 2023	9 May 202300:00	–	amd
Amd	Client Vulnerabilities – May 2023	9 May 202300:00	–	amd
Circl	CVE-2021-26406	9 May 202322:38	–	circl
CNNVD	AMD Secure Encrypted Virtualization 安全漏洞	9 May 202300:00	–	cnnvd
Cvelist	CVE-2021-26406	9 May 202318:59	–	cvelist
EUVD	EUVD-2021-13212	7 Oct 202500:30	–	euvd
Hewlett-Packard	AMD Client UEFI Firmware May 2023 Security Update	9 May 202300:00	–	hp
NVD	CVE-2021-26406	9 May 202319:15	–	nvd
Prion	Input validation	9 May 202319:15	–	prion
Positive Technologies	PT-2023-12100 · Amd · Amd Secure Encrypted Virtualization +1	9 May 202300:00	–	ptsecurity

NVD

Node

amd epyc_7232p_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7232pMatch-

Node

amd epyc_7252_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7252Match-

Node

amd epyc_7262_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7262Match-

Node

amd epyc_7272_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7272Match-

Node

amd epyc_7282_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7282Match-

Node

amd epyc_7302_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7302Match-

Node

amd epyc_7302p_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7302pMatch-

Node

amd epyc_7352_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7352Match-

Node

amd epyc_7402_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7402Match-

Node

amd epyc_7402p_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7402pMatch-

Node

amd epyc_7452_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7452Match-

Node

amd epyc_7502_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7502Match-

Node

amd epyc_7502p_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7502pMatch-

Node

amd epyc_7532_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7532Match-

Node

amd epyc_7542_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7542Match-

Node

amd epyc_7552_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7552Match-

Node

amd epyc_7642_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7642Match-

Node

amd epyc_7662_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7662Match-

Node

amd epyc_7702_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7702Match-

Node

amd epyc_7702p_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7702pMatch-

Node

amd epyc_7742_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7742Match-

Node

amd epyc_7f32_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7f32Match-

Node

amd epyc_7f52_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7f52Match-

Node

amd epyc_7f72_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7f72Match-

Node

amd epyc_7h12_firmwareMatchromepi_1.0.0.a

AND

amd epyc_7h12Match-

Node

amd epyc_7251_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7251Match-

Node

amd epyc_7261_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7261Match-

Node

amd epyc_7281_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7281Match-

Node

amd epyc_7301_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7301Match-

Node

amd epyc_7351_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7351Match-

Node

amd epyc_7351p_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7351pMatch-

Node

amd epyc_7371_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7371Match-

Node

amd epyc_7401_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7401Match-

Node

amd epyc_7401p_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7401pMatch-

Node

amd epyc_7451_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7451Match-

Node

amd epyc_7501_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7501Match-

Node

amd epyc_7551_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7551Match-

Node

amd epyc_7551p_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7551pMatch-

Node

amd epyc_7571_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7571Match-

Node

amd epyc_7601_firmwareMatchnaplespi_1.0.0.e

AND

amd epyc_7601Match-

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Desktop Processors “Matisse” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics   “Pollock”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "1st Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

28 Jan 2025 16:15Current

8.4High risk

Vulners AI Score8.4

CVSS 3.17.5

EPSS0.00445

SSVC