CVE-2021-26345

1.9LOW

Key Information

Vendor: Amd
Status: 2nd Gen Amd Epyc™ Processors; 3rd Gen Amd Epyc™ Processors; 4th Gen Amd Epyc™ Processors; Amd Epyc™ Embedded 7002
Vendor: CVE Published:; 14 November 2023

Summary

Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.

Affected Version(s)

2nd Gen AMD EPYC™ Processors = various

3rd Gen AMD EPYC™ Processors = various

4th Gen AMD EPYC™ Processors = various

CVSS V3.1

Score:

1.9

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 4.9 to: 1.9 - (LOW)
Aug 3, 2024
Risk change from: 4.9 to: 1.9 - (LOW)
Jun 18, 2024
Vulnerability published.
Nov 14, 2023
Vulnerability Reserved.
Jan 29, 2021

Collectors

NVD DatabaseMitre Database