Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26379

Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity and privilege escalation.

Published

2023-05-09T19:15:10.863

Last Modified

2025-01-28T16:15:29.910

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	amd	epyc_72f3_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_72f3	-	No
Operating System	amd	epyc_7313_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7313	-	No
Operating System	amd	epyc_7313p_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7313p	-	No
Operating System	amd	epyc_7343_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7343	-	No
Operating System	amd	epyc_7373x_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7373x	-	No
Operating System	amd	epyc_73f3_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_73f3	-	No
Operating System	amd	epyc_7413_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7413	-	No
Operating System	amd	epyc_7443_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7443	-	No
Operating System	amd	epyc_7443p_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7443p	-	No
Operating System	amd	epyc_7453_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7453	-	No
Operating System	amd	epyc_7473x_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7473x	-	No
Operating System	amd	epyc_74f3_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_74f3	-	No
Operating System	amd	epyc_7513_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7513	-	No
Operating System	amd	epyc_7543_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7543	-	No
Operating System	amd	epyc_7543p_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7543p	-	No
Operating System	amd	epyc_7573x_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7573x	-	No
Operating System	amd	epyc_75f3_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_75f3	-	No
Operating System	amd	epyc_7643_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7643	-	No
Operating System	amd	epyc_7663_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7663	-	No
Operating System	amd	epyc_7713_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7713	-	No
Operating System	amd	epyc_7713p_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7713p	-	No
Operating System	amd	epyc_7763_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7763	-	No
Operating System	amd	epyc_7773x_firmware	< milanpi_1.0.0.9	Yes
Hardware	amd	epyc_7773x	-	No
Operating System	amd	epyc_7232p_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7232p	-	No
Operating System	amd	epyc_7252_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7252	-	No
Operating System	amd	epyc_7262_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7262	-	No
Operating System	amd	epyc_7272_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7272	-	No
Operating System	amd	epyc_7282_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7282	-	No
Operating System	amd	epyc_7302_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7302	-	No
Operating System	amd	epyc_7302p_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7302p	-	No
Operating System	amd	epyc_7352_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7352	-	No
Operating System	amd	epyc_7402_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7402	-	No
Operating System	amd	epyc_7402p_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7402p	-	No
Operating System	amd	epyc_7452_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7452	-	No
Operating System	amd	epyc_7502_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7502	-	No
Operating System	amd	epyc_7502p_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7502p	-	No
Operating System	amd	epyc_7532_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7532	-	No
Operating System	amd	epyc_7542_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7542	-	No
Operating System	amd	epyc_7552_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7552	-	No
Operating System	amd	epyc_7642_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7642	-	No
Operating System	amd	epyc_7662_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7662	-	No
Operating System	amd	epyc_7702_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7702	-	No
Operating System	amd	epyc_7702p_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7702p	-	No
Operating System	amd	epyc_7742_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7742	-	No
Operating System	amd	epyc_7f32_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7f32	-	No
Operating System	amd	epyc_7f52_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7f52	-	No
Operating System	amd	epyc_7f72_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7f72	-	No
Operating System	amd	epyc_7h12_firmware	< romepi_1.0.0.e	Yes
Hardware	amd	epyc_7h12	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)