Lucene search

AMDCVELIST:CVE-2021-26334

HistoryDec 01, 2021 - 3:43 p.m.

CVE-2021-26334 AMD Chipset Driver Information Disclosure Vulnerability

2021-12-0115:43:24

CWE-284

AMD

www.cve.org

amd

chipset

driver

information disclosure

vulnerability

amdpowerprofiler.sys

msrs

kernel

privilege escalation

ring-0

code execution

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

43.2%

JSON

The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user.

CNA Affected

[
  {
    "product": "μProf Tool",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "3.4.494",
        "status": "affected",
        "version": "μProf Tool",
        "versionType": "custom"
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/amd-sb-1016