Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

Published

2022-05-10T19:15:08.870

Last Modified

2024-11-21T05:56:16.453

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.2 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:C/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: COMPLETE
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	amd	ryzen_5_2600_firmware	-	Yes
Hardware	amd	ryzen_5_2600	-	No
Operating System	amd	ryzen_5_2600x_firmware	-	Yes
Hardware	amd	ryzen_5_2600x	-	No
Operating System	amd	ryzen_5_2700x_firmware	-	Yes
Hardware	amd	ryzen_5_2700x	-	No
Operating System	amd	ryzen_5_2700_firmware	-	Yes
Hardware	amd	ryzen_5_2700	-	No
Operating System	amd	ryzen_5_3600_firmware	-	Yes
Hardware	amd	ryzen_5_3600	-	No
Operating System	amd	ryzen_5_3600x_firmware	-	Yes
Hardware	amd	ryzen_5_3600x	-	No
Operating System	amd	ryzen_7_3700x_firmware	-	Yes
Hardware	amd	ryzen_7_3700x	-	No
Operating System	amd	ryzen_7_3800x_firmware	-	Yes
Hardware	amd	ryzen_7_3800x	-	No
Operating System	amd	ryzen_9_3900x_firmware	-	Yes
Hardware	amd	ryzen_9_3900x	-	No
Operating System	amd	ryzen_9_3950x_firmware	-	Yes
Hardware	amd	ryzen_9_3950x	-	No
Operating System	amd	ryzen_9_5950x_firmware	-	Yes
Hardware	amd	ryzen_9_5950x	-	No
Operating System	amd	ryzen_9_5900x_firmware	-	Yes
Hardware	amd	ryzen_9_5900x	-	No
Operating System	amd	ryzen_7_5800x_firmware	-	Yes
Hardware	amd	ryzen_7_5800x	-	No
Operating System	amd	ryzen_7_5700g_firmware	-	Yes
Hardware	amd	ryzen_7_5700g	-	No
Operating System	amd	ryzen_7_5700ge_firmware	-	Yes
Hardware	amd	ryzen_7_5700ge	-	No
Operating System	amd	ryzen_5_5600g_firmware	-	Yes
Hardware	amd	ryzen_5_5600g	-	No
Operating System	amd	ryzen_5_5600x_firmware	-	Yes
Hardware	amd	ryzen_5_5600x	-	No
Operating System	amd	ryzen_5_5600ge_firmware	-	Yes
Hardware	amd	ryzen_5_5600ge	-	No
Operating System	amd	ryzen_3_5300g_firmware	-	Yes
Hardware	amd	ryzen_3_5300g	-	No
Operating System	amd	ryzen_3_5300ge_firmware	-	Yes
Hardware	amd	ryzen_3_5300ge	-	No
Operating System	amd	ryzen_threadripper_2990wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2990wx	-	No
Operating System	amd	ryzen_threadripper_2970wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2970wx	-	No
Operating System	amd	ryzen_threadripper_2950x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2950x	-	No
Operating System	amd	ryzen_threadripper_2920x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_2920x	-	No
Operating System	amd	ryzen_threadripper_3970x_firmware	-	Yes
Hardware	amd	ryzen_threadripper_3970x	-	No
Operating System	amd	ryzen_threadripper_pro_5995wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_5995wx	-	No
Operating System	amd	ryzen_threadripper_pro_5975wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_5975wx	-	No
Operating System	amd	ryzen_threadripper_pro_5965wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_5965wx	-	No
Operating System	amd	ryzen_threadripper_pro_5955wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_5955wx	-	No
Operating System	amd	ryzen_threadripper_pro_5945wx_firmware	-	Yes
Hardware	amd	ryzen_threadripper_pro_5945wx	-	No
Operating System	amd	ryzen_7_3750h_firmware	-	Yes
Hardware	amd	ryzen_7_3750h	-	No
Operating System	amd	ryzen_7_3700u_firmware	-	Yes
Hardware	amd	ryzen_7_3700u	-	No
Operating System	amd	ryzen_5_3550h_firmware	-	Yes
Hardware	amd	ryzen_5_3550h	-	No
Operating System	amd	ryzen_5_3500u_firmware	-	Yes
Hardware	amd	ryzen_5_3500u	-	No
Operating System	amd	ryzen_3_3300u_firmware	-	Yes
Hardware	amd	ryzen_3_3300u	-	No
Operating System	amd	ryzen_3_3200u_firmware	-	Yes
Hardware	amd	ryzen_3_3200u	-	No
Operating System	amd	athlon_300u_firmware	-	Yes
Hardware	amd	athlon_300u	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)