Information Disclosure in AMD Bootloader due to Malicious Applications
CVE-2021-26371

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Ryzen™ 2000 Series Desktop Processors “raven Ridge” Am4; Ryzen™ 3000 Series Desktop Processors “matisse” Am4; Amd Ryzen™ 5000 Series Desktop Processors “vermeer” Am4; 3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt
Vendor: CVE Published:; 9 May 2023

Summary

A vulnerability exists in the AMD bootloader, where a compromised or malicious ABL (Application Boot Loader) or UApp (User Application) can exploit the system by sending a SHA256 system call to the bootloader. This improper handling may expose sensitive ASP (Application State Protocol) memory to userspace, potentially allowing unauthorized users to access confidential information stored within the system.

Affected Version(s)

1st Gen AMD EPYC™ Processors x86 various

2nd Gen AMD EPYC™ Processors x86 various

3rd Gen AMD EPYC™ Processors x86 various

References

https://www.amd.com/en/corporate/product-security/bulleti...

vendor-advisory

https://www.amd.com/en/corporate/product-security/bulleti...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 9, 2023
Vulnerability Reserved
Jan 29, 2021