Misconfiguration of TMRs May Lead to Loss of Integrity and Availability
CVE-2021-26367

6MEDIUM

Key Information:

Vendor
Amd
Status
Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics
Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics
Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics
Vendor
CVE Published:
13 August 2024

Summary

A security vulnerability exists in certain AMD processors wherein a malicious actor can exploit misconfigurations of Trusted Memory Regions (TMRs). This exploitation allows the attacker to define arbitrary address ranges for TMRs, which could lead to significant challenges concerning the integrity and availability of the system. It is essential for users of affected AMD products to be aware of this issue and to apply the available security updates provided by the vendor to mitigate risks.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4PI 1.0.0.9

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.0.E

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PollockPI-FT5 1.0.0.4

References

https://www.amd.com/en/resources/product-security/bulleti...
https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.