Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26365

Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.

Published

2023-05-09T19:15:10.780

Last Modified

2025-01-28T16:15:29.400

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Primary
CWE-125
Type: Secondary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	amd	ryzen_5_2400g_firmware	-	Yes
Hardware	amd	ryzen_5_2400g	-	No
Operating System	amd	ryzen_5_2400ge_firmware	-	Yes
Hardware	amd	ryzen_5_2400ge	-	No
Operating System	amd	ryzen_3_2200ge_firmware	-	Yes
Hardware	amd	ryzen_3_2200ge	-	No
Operating System	amd	ryzen_3_2200g_firmware	-	Yes
Hardware	amd	ryzen_3_2200g	-	No
Operating System	amd	ryzen_3_pro_2100ge_firmware	-	Yes
Hardware	amd	ryzen_3_pro_2100ge	-	No
Operating System	amd	ryzen_9_5900x_firmware	-	Yes
Hardware	amd	ryzen_9_5900x	-	No
Operating System	amd	ryzen_9_5950x_firmware	-	Yes
Hardware	amd	ryzen_9_5950x	-	No
Operating System	amd	ryzen_9_5900_firmware	-	Yes
Hardware	amd	ryzen_9_5900	-	No
Operating System	amd	ryzen_7_5800_firmware	-	Yes
Hardware	amd	ryzen_7_5800	-	No
Operating System	amd	ryzen_7_5800x_firmware	-	Yes
Hardware	amd	ryzen_7_5800x	-	No
Operating System	amd	ryzen_7_5800x3d_firmware	-	Yes
Hardware	amd	ryzen_7_5800x3d	-	No
Operating System	amd	ryzen_7_5700x_firmware	-	Yes
Hardware	amd	ryzen_7_5700x	-	No
Operating System	amd	ryzen_5_5600_firmware	-	Yes
Hardware	amd	ryzen_5_5600	-	No
Operating System	amd	ryzen_5_5600x_firmware	-	Yes
Hardware	amd	ryzen_5_5600x	-	No
Operating System	amd	ryzen_5_5500_firmware	-	Yes
Hardware	amd	ryzen_5_5500	-	No
Operating System	amd	ryzen_3_3200u_firmware	< picassopi-fp5_1.0.0.d	Yes
Hardware	amd	ryzen_3_3200u	-	No
Operating System	amd	ryzen_3_3250c_firmware	< picassopi-fp5_1.0.0.d	Yes
Hardware	amd	ryzen_3_3250c	-	No
Operating System	amd	ryzen_3_3250u_firmware	< picassopi-fp5_1.0.0.d	Yes
Hardware	amd	ryzen_3_3250u	-	No
Operating System	amd	amd_3015e_firmware	< pollockpi-ft5_1.0.0.3	Yes
Hardware	amd	amd_3015e	-	No
Operating System	amd	amd_3015ce_firmware	< pollockpi-ft5_1.0.0.3	Yes
Hardware	amd	amd_3015ce	-	No
Operating System	amd	ryzen_7_2800h_firmware	-	Yes
Hardware	amd	ryzen_7_2800h	-	No
Operating System	amd	ryzen_7_2700u_firmware	-	Yes
Hardware	amd	ryzen_7_2700u	-	No
Operating System	amd	ryzen_5_2600h_firmware	-	Yes
Hardware	amd	ryzen_5_2600h	-	No
Operating System	amd	ryzen_5_2500u_firmware	-	Yes
Hardware	amd	ryzen_5_2500u	-	No
Operating System	amd	ryzen_3_2300u_firmware	-	Yes
Hardware	amd	ryzen_3_2300u	-	No
Operating System	amd	ryzen_3_2200u_firmware	-	Yes
Hardware	amd	ryzen_3_2200u	-	No
Operating System	amd	ryzen_5_3400g_firmware	-	Yes
Hardware	amd	ryzen_5_3400g	-	No
Operating System	amd	ryzen_5_pro_3400g_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3400g	-	No
Operating System	amd	ryzen_5_pro_3400ge_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3400ge	-	No
Operating System	amd	ryzen_5_pro_3350g_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3350g	-	No
Operating System	amd	ryzen_5_pro_3350ge_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3350ge	-	No
Operating System	amd	ryzen_3_pro_3200g_firmware	-	Yes
Hardware	amd	ryzen_3_pro_3200g	-	No
Operating System	amd	ryzen_3_3200g_firmware	-	Yes
Hardware	amd	ryzen_3_3200g	-	No
Operating System	amd	ryzen_3_3200ge_firmware	-	Yes
Hardware	amd	ryzen_3_3200ge	-	No
Operating System	amd	ryzen_3_pro_3200ge_firmware	-	Yes
Hardware	amd	ryzen_3_pro_3200ge	-	No
Operating System	amd	ryzen_7_5700u_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_7_5700u	-	No
Operating System	amd	ryzen_5_5500u_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_5_5500u	-	No
Operating System	amd	ryzen_3_5300u_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_3_5300u	-	No
Operating System	amd	ryzen_7_5700g_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_7_5700g	-	No
Operating System	amd	ryzen_7_5700ge_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_7_5700ge	-	No
Operating System	amd	ryzen_5_5600g_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_5_5600g	-	No
Operating System	amd	ryzen_5_5600ge_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_5_5600ge	-	No
Operating System	amd	ryzen_3_5300g_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_3_5300g	-	No
Operating System	amd	ryzen_3_5300ge_firmware	< cezannepi-fp6_1.0.0.8	Yes
Hardware	amd	ryzen_3_5300ge	-	No
Operating System	amd	ryzen_9_6980hx_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_9_6980hx	-	No
Operating System	amd	ryzen_9_6980hs_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_9_6980hs	-	No
Operating System	amd	ryzen_9_6900hx_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_9_6900hx	-	No
Operating System	amd	ryzen_9_6900hs_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_9_6900hs	-	No
Operating System	amd	ryzen_7_6800h_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_7_6800h	-	No
Operating System	amd	ryzen_7_6800hs_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_7_6800hs	-	No
Operating System	amd	ryzen_7_6800u_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_7_6800u	-	No
Operating System	amd	ryzen_5_6600h_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_5_6600h	-	No
Operating System	amd	ryzen_5_6600hs_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_5_6600hs	-	No
Operating System	amd	ryzen_5_6600u_firmware	< rmb_1.0.0.4	Yes
Hardware	amd	ryzen_5_6600u	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)