CVE-2021-26365
8.2HIGH
Key Information
- Vendor
- Amd
- Status
- Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4
- Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics “cezanne” Am4
- Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Ulp
- Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “pollock”
- Vendor
- CVE Published:
- 9 May 2023
Summary
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.
Affected Version(s)
Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 = various
Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4 = various
Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP = various
CVSS V3.1
Score:
8.2
Severity:
HIGH
Confidentiality:
Low
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database