Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.

Published

2022-05-12T18:16:53.257

Last Modified

2024-11-21T05:56:13.677

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	amd	radeon_software	-	Yes
Operating System	amd	athlon_3050ge_firmware	-	Yes
Hardware	amd	athlon_3050ge	-	No
Operating System	amd	athlon_3150g_firmware	-	Yes
Hardware	amd	athlon_3150g	-	No
Operating System	amd	athlon_3150ge_firmware	-	Yes
Hardware	amd	athlon_3150ge	-	No
Operating System	amd	ryzen_3_2200u_firmware	-	Yes
Hardware	amd	ryzen_3_2200u	-	No
Operating System	amd	ryzen_3_2300u_firmware	-	Yes
Hardware	amd	ryzen_3_2300u	-	No
Operating System	amd	ryzen_3_3100_firmware	-	Yes
Hardware	amd	ryzen_3_3100	-	No
Operating System	amd	ryzen_3_3300g_firmware	-	Yes
Hardware	amd	ryzen_3_3300g	-	No
Operating System	amd	ryzen_3_3300x_firmware	-	Yes
Hardware	amd	ryzen_3_3300x	-	No
Operating System	amd	ryzen_3_5125c_firmware	-	Yes
Hardware	amd	ryzen_3_5125c	-	No
Operating System	amd	ryzen_3_5400u_firmware	-	Yes
Hardware	amd	ryzen_3_5400u	-	No
Operating System	amd	ryzen_3_5425c_firmware	-	Yes
Hardware	amd	ryzen_3_5425c	-	No
Operating System	amd	ryzen_3_5425u_firmware	-	Yes
Hardware	amd	ryzen_3_5425u	-	No
Operating System	amd	ryzen_5_2500u_firmware	-	Yes
Hardware	amd	ryzen_5_2500u	-	No
Operating System	amd	ryzen_5_2600_firmware	-	Yes
Hardware	amd	ryzen_5_2600	-	No
Operating System	amd	ryzen_5_2600h_firmware	-	Yes
Hardware	amd	ryzen_5_2600h	-	No
Operating System	amd	ryzen_5_2600x_firmware	-	Yes
Hardware	amd	ryzen_5_2600x	-	No
Operating System	amd	ryzen_5_3400g_firmware	-	Yes
Hardware	amd	ryzen_5_3400g	-	No
Operating System	amd	ryzen_5_3450g_firmware	-	Yes
Hardware	amd	ryzen_5_3450g	-	No
Operating System	amd	ryzen_5_3600_firmware	-	Yes
Hardware	amd	ryzen_5_3600	-	No
Operating System	amd	ryzen_5_3600x_firmware	-	Yes
Hardware	amd	ryzen_5_3600x	-	No
Operating System	amd	ryzen_5_5600h_firmware	-	Yes
Hardware	amd	ryzen_5_5600h	-	No
Operating System	amd	ryzen_5_5600hs_firmware	-	Yes
Hardware	amd	ryzen_5_5600hs	-	No
Operating System	amd	ryzen_5_5600u_firmware	-	Yes
Hardware	amd	ryzen_5_5600u	-	No
Operating System	amd	ryzen_5_5600x_firmware	-	Yes
Hardware	amd	ryzen_5_5600x	-	No
Operating System	amd	ryzen_5_5625c_firmware	-	Yes
Hardware	amd	ryzen_5_5625c	-	No
Operating System	amd	ryzen_5_5625u_firmware	-	Yes
Hardware	amd	ryzen_5_5625u	-	No
Operating System	amd	ryzen_5_5700g_firmware	-	Yes
Hardware	amd	ryzen_5_5700g	-	No
Operating System	amd	ryzen_5_5700ge_firmware	-	Yes
Hardware	amd	ryzen_5_5700ge	-	No
Operating System	amd	ryzen_7_2700_firmware	-	Yes
Hardware	amd	ryzen_7_2700	-	No
Operating System	amd	ryzen_7_2700u_firmware	-	Yes
Hardware	amd	ryzen_7_2700u	-	No
Operating System	amd	ryzen_7_2700x_firmware	-	Yes
Hardware	amd	ryzen_7_2700x	-	No
Operating System	amd	ryzen_7_2800h_firmware	-	Yes
Hardware	amd	ryzen_7_2800h	-	No
Operating System	amd	ryzen_7_3700x_firmware	-	Yes
Hardware	amd	ryzen_7_3700x	-	No
Operating System	amd	ryzen_7_3800x_firmware	-	Yes
Hardware	amd	ryzen_7_3800x	-	No
Operating System	amd	ryzen_7_5800h_firmware	-	Yes
Hardware	amd	ryzen_7_5800h	-	No
Operating System	amd	ryzen_7_5800hs_firmware	-	Yes
Hardware	amd	ryzen_7_5800hs	-	No
Operating System	amd	ryzen_7_5800u_firmware	-	Yes
Hardware	amd	ryzen_7_5800u	-	No
Operating System	amd	ryzen_7_5825c_firmware	-	Yes
Hardware	amd	ryzen_7_5825c	-	No
Operating System	amd	ryzen_7_5825u_firmware	-	Yes
Hardware	amd	ryzen_7_5825u	-	No
Operating System	amd	ryzen_9_3900x_firmware	-	Yes
Hardware	amd	ryzen_9_3900x	-	No
Operating System	amd	ryzen_9_3950x_firmware	-	Yes
Hardware	amd	ryzen_9_3950x	-	No
Operating System	amd	ryzen_9_5900hs_firmware	-	Yes
Hardware	amd	ryzen_9_5900hs	-	No
Operating System	amd	ryzen_9_5900hx_firmware	-	Yes
Hardware	amd	ryzen_9_5900hx	-	No
Operating System	amd	ryzen_9_5980hs_firmware	-	Yes
Hardware	amd	ryzen_9_5980hs	-	No
Operating System	amd	ryzen_9_5980hx_firmware	-	Yes
Hardware	amd	ryzen_9_5980hx	-	No
Operating System	amd	ryzen_threadripper_2920x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2920x	-	No
Operating System	amd	ryzen_threadripper_2950x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2950x	-	No
Operating System	amd	ryzen_threadripper_2970wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2970wx	-	No
Operating System	amd	ryzen_threadripper_2990wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2990wx	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)