Memory Buffer Operations Vulnerability in PCIe Link by AMD
CVE-2024-21961

6MEDIUM

Key Information:

Vendor: Amd
Status: Amd Epyc™ 7002 Series Processors; Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 7000 Series Desktop Processors; Amd Ryzen™ 5000 Series Desktop Processors
Vendor: CVE Published:; 12 February 2026

What is CVE-2024-21961?

A vulnerability exists in the PCIe Link where improper restrictions on operations within the bounds of a memory buffer can be exploited by an attacker with access to a guest virtual machine. This could potentially lead to a denial of service attack against the host system, which may result in significant interruptions in service and loss of system availability.

Affected Version(s)

AMD EPYC™ 7002 Series Processors No Fix Planned

AMD EPYC™ Embedded 7002 Series Processors No fix planned

AMD Ryzen™ 3000 Series Desktop Processors Errata #1165,1166,1526

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2026
Vulnerability Reserved
Jan 3, 2024

CVE-2024-21961 Data

JSON

Amd

What is CVE-2024-21961?

Affected Version(s)

References

CVSS V4

Timeline