CVE-2021-26320

5.5MEDIUM

Key Information:

Vendor: Amd
Status: 1st Gen Amd Epyc™; 2nd Gen Amd Epyc™; 3rd Gen Amd Epyc™
Vendor: CVE Published:; 16 November 2021

Summary

Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP

Affected Version(s)

1st Gen AMD EPYC™ < unspecified

2nd Gen AMD EPYC™ < unspecified

3rd Gen AMD EPYC™ < unspecified

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 16, 2021
Vulnerability Reserved
Jan 29, 2021

Collectors

NVD DatabaseMitre Database