Misconfiguration of TMRs May Lead to Loss of Integrity and Availability

CVE-2021-26367

5.7MEDIUM

Key Information

Vendor: Amd
Status: Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics; Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics; Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics; Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics
Vendor: CVE Published:; 13 August 2024

Summary

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

Affected Version(s)

AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics <= ComboAM4v2 PI 1.2.0.5

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics <= ComboAM4PI 1.0.0.9

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics >= ComboAM4PI 1.0.0.9

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 13, 2024
Vulnerability Reserved.
Jan 29, 2021

Collectors

NVD DatabaseMitre Database