Heap Overflow Vulnerability in AMD System Management Unit
CVE-2021-26330

5.5MEDIUM

Key Information:

Vendor: Amd
Status: 1st Gen Amd Epyc™; 2nd Gen Amd Epyc™; 3rd Gen Amd Epyc™
Vendor: CVE Published:; 16 November 2021

What is CVE-2021-26330?

The AMD System Management Unit (SMU) has a vulnerability that can lead to a heap-based overflow. This issue may potentially result in resource loss, impacting the stability and functionality of affected systems. It is essential for users of AMD products to apply any available security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

1st Gen AMD EPYC™ < unspecified

2nd Gen AMD EPYC™ < unspecified

3rd Gen AMD EPYC™ < unspecified

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 16, 2021
Vulnerability Reserved
Jan 29, 2021

Amd

What is CVE-2021-26330?

Affected Version(s)

References

CVSS V3.1

Timeline