Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26393

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.5, requiring local system access to exploit with relatively low complexity without requiring user interaction requiring only low-level privileges . The vulnerability impacts confidentiality (data exposure), for affected systems. Impacting 180 products from amd, from amd, from amd and 177 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2022, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2022-11-09T21:15:12.607

Last Modified

2024-11-21T05:56:17.503

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-401

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	amd	enterprise_driver	< 22.10.20	Yes
Application	amd	radeon_pro_software	< 22.q2	Yes
Application	amd	radeon_software	< 22.5.2	Yes
Hardware	amd	radeon_pro_w5500	-	No
Hardware	amd	radeon_pro_w5500x	-	No
Hardware	amd	radeon_pro_w5700	-	No
Hardware	amd	radeon_pro_w5700x	-	No
Hardware	amd	radeon_pro_w6300m	-	No
Hardware	amd	radeon_pro_w6400	-	No
Hardware	amd	radeon_pro_w6500m	-	No
Hardware	amd	radeon_pro_w6600	-	No
Hardware	amd	radeon_pro_w6600m	-	No
Hardware	amd	radeon_pro_w6600x	-	No
Hardware	amd	radeon_pro_w6800	-	No
Hardware	amd	radeon_pro_w6800x	-	No
Hardware	amd	radeon_pro_w6800x_duo	-	No
Hardware	amd	radeon_pro_w6900x	-	No
Hardware	amd	radeon_rx_5300	-	No
Hardware	amd	radeon_rx_5300_xt	-	No
Hardware	amd	radeon_rx_5300m	-	No
Hardware	amd	radeon_rx_5500	-	No
Hardware	amd	radeon_rx_5500_xt	-	No
Hardware	amd	radeon_rx_5500m	-	No
Hardware	amd	radeon_rx_5600	-	No
Hardware	amd	radeon_rx_5600_xt	-	No
Hardware	amd	radeon_rx_5600m	-	No
Hardware	amd	radeon_rx_5700	-	No
Hardware	amd	radeon_rx_5700_xt	-	No
Hardware	amd	radeon_rx_5700m	-	No
Hardware	amd	radeon_rx_6300m	-	No
Hardware	amd	radeon_rx_6400	-	No
Hardware	amd	radeon_rx_6500_xt	-	No
Hardware	amd	radeon_rx_6500m	-	No
Hardware	amd	radeon_rx_6600	-	No
Hardware	amd	radeon_rx_6600_xt	-	No
Hardware	amd	radeon_rx_6600m	-	No
Hardware	amd	radeon_rx_6600s	-	No
Hardware	amd	radeon_rx_6650_xt	-	No
Hardware	amd	radeon_rx_6650m	-	No
Hardware	amd	radeon_rx_6650m_xt	-	No
Hardware	amd	radeon_rx_6700	-	No
Hardware	amd	radeon_rx_6700_xt	-	No
Hardware	amd	radeon_rx_6700m	-	No
Hardware	amd	radeon_rx_6700s	-	No
Hardware	amd	radeon_rx_6750_xt	-	No
Hardware	amd	radeon_rx_6800	-	No
Hardware	amd	radeon_rx_6800_xt	-	No
Hardware	amd	radeon_rx_6800m	-	No
Hardware	amd	radeon_rx_6800s	-	No
Hardware	amd	radeon_rx_6850m_xt	-	No
Hardware	amd	radeon_rx_6900_xt	-	No
Hardware	amd	radeon_rx_6950_xt	-	No
Operating System	amd	radeon_rx_vega_56_firmware	-	Yes
Hardware	amd	radeon_rx_vega_56	-	No
Operating System	amd	radeon_rx_vega_64_firmware	-	Yes
Hardware	amd	radeon_rx_vega_64	-	No
Operating System	amd	ryzen_3_2200ge_firmware	-	Yes
Hardware	amd	ryzen_3_2200ge	-	No
Operating System	amd	ryzen_3_2200g_firmware	-	Yes
Hardware	amd	ryzen_3_2200g	-	No
Operating System	amd	ryzen_5_2400ge_firmware	-	Yes
Hardware	amd	ryzen_5_2400ge	-	No
Operating System	amd	ryzen_5_2400g_firmware	-	Yes
Hardware	amd	ryzen_5_2400g	-	No
Operating System	amd	ryzen_3_5300ge_firmware	-	Yes
Hardware	amd	ryzen_3_5300ge	-	No
Operating System	amd	ryzen_3_5300g_firmware	-	Yes
Hardware	amd	ryzen_3_5300g	-	No
Operating System	amd	ryzen_5_5600ge_firmware	-	Yes
Hardware	amd	ryzen_5_5600ge	-	No
Operating System	amd	ryzen_5_5600g_firmware	-	Yes
Hardware	amd	ryzen_5_5600g	-	No
Operating System	amd	ryzen_7_5700ge_firmware	-	Yes
Hardware	amd	ryzen_7_5700ge	-	No
Operating System	amd	ryzen_7_5700g_firmware	-	Yes
Hardware	amd	ryzen_7_5700g	-	No
Operating System	amd	athlon_silver_3050e_firmware	-	Yes
Hardware	amd	athlon_silver_3050e	-	No
Operating System	amd	athlon_pro_3045b_firmware	-	Yes
Hardware	amd	athlon_pro_3045b	-	No
Operating System	amd	athlon_silver_3050u_firmware	-	Yes
Hardware	amd	athlon_silver_3050u	-	No
Operating System	amd	athlon_silver_3050c_firmware	-	Yes
Hardware	amd	athlon_silver_3050c	-	No
Operating System	amd	athlon_pro_3145b_firmware	-	Yes
Hardware	amd	athlon_pro_3145b	-	No
Operating System	amd	athlon_gold_3150u_firmware	-	Yes
Hardware	amd	athlon_gold_3150u	-	No
Operating System	amd	athlon_gold_3150c_firmware	-	Yes
Hardware	amd	athlon_gold_3150c	-	No
Operating System	amd	ryzen_3_3250u_firmware	-	Yes
Hardware	amd	ryzen_3_3250u	-	No
Operating System	amd	ryzen_3_3250c_firmware	-	Yes
Hardware	amd	ryzen_3_3250c	-	No
Operating System	amd	amd_3020e_firmware	-	Yes
Hardware	amd	amd_3020e	-	No
Operating System	amd	amd_3015e_firmware	-	Yes
Hardware	amd	amd_3015e	-	No
Operating System	amd	amd_3015ce_firmware	-	Yes
Hardware	amd	amd_3015ce	-	No
Operating System	amd	ryzen_3_2200u_firmware	-	Yes
Hardware	amd	ryzen_3_2200u	-	No
Operating System	amd	ryzen_3_2300u_firmware	-	Yes
Hardware	amd	ryzen_3_2300u	-	No
Operating System	amd	ryzen_5_2500u_firmware	-	Yes
Hardware	amd	ryzen_5_2500u	-	No
Operating System	amd	ryzen_5_2600h_firmware	-	Yes
Hardware	amd	ryzen_5_2600h	-	No
Operating System	amd	ryzen_7_2700u_firmware	-	Yes
Hardware	amd	ryzen_7_2700u	-	No
Operating System	amd	ryzen_7_2800h_firmware	-	Yes
Hardware	amd	ryzen_7_2800h	-	No
Operating System	amd	ryzen_3_3300u_firmware	-	Yes
Hardware	amd	ryzen_3_3300u	-	No
Operating System	amd	ryzen_3_3350u_firmware	-	Yes
Hardware	amd	ryzen_3_3350u	-	No
Operating System	amd	ryzen_5_3450u_firmware	-	Yes
Hardware	amd	ryzen_5_3450u	-	No
Operating System	amd	ryzen_5_3500u_firmware	-	Yes
Hardware	amd	ryzen_5_3500u	-	No
Operating System	amd	ryzen_5_3500c_firmware	-	Yes
Hardware	amd	ryzen_5_3500c	-	No
Operating System	amd	ryzen_5_3550h_firmware	-	Yes
Hardware	amd	ryzen_5_3550h	-	No
Operating System	amd	ryzen_5_3580u_firmware	-	Yes
Hardware	amd	ryzen_5_3580u	-	No
Operating System	amd	ryzen_7_3700u_firmware	-	Yes
Hardware	amd	ryzen_7_3700u	-	No
Operating System	amd	ryzen_7_3700c_firmware	-	Yes
Hardware	amd	ryzen_7_3700c	-	No
Operating System	amd	ryzen_7_3750h_firmware	-	Yes
Hardware	amd	ryzen_7_3750h	-	No
Operating System	amd	ryzen_7_3780u_firmware	-	Yes
Hardware	amd	ryzen_7_3780u	-	No
Operating System	amd	ryzen_3_pro_3200ge_firmware	-	Yes
Hardware	amd	ryzen_3_pro_3200ge	-	No
Operating System	amd	ryzen_3_3200g_firmware	-	Yes
Hardware	amd	ryzen_3_3200g	-	No
Operating System	amd	ryzen_3_pro_3200g_firmware	-	Yes
Hardware	amd	ryzen_3_pro_3200g	-	No
Operating System	amd	ryzen_5_pro_3350ge_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3350ge	-	No
Operating System	amd	ryzen_5_pro_3350g_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3350g	-	No
Operating System	amd	ryzen_5_pro_3400ge_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3400ge	-	No
Operating System	amd	ryzen_5_pro_3400g_firmware	-	Yes
Hardware	amd	ryzen_5_pro_3400g	-	No
Operating System	amd	ryzen_5_3400g_firmware	-	Yes
Hardware	amd	ryzen_5_3400g	-	No
Operating System	amd	ryzen_3_5300u_firmware	-	Yes
Hardware	amd	ryzen_3_5300u	-	No
Operating System	amd	ryzen_5_5500u_firmware	-	Yes
Hardware	amd	ryzen_5_5500u	-	No
Operating System	amd	ryzen_7_5700u_firmware	-	Yes
Hardware	amd	ryzen_7_5700u	-	No
Operating System	amd	ryzen_3_5400u_firmware	-	Yes
Hardware	amd	ryzen_3_5400u	-	No
Operating System	amd	ryzen_5_5560u_firmware	-	Yes
Hardware	amd	ryzen_5_5560u	-	No
Operating System	amd	ryzen_5_5600u_firmware	-	Yes
Hardware	amd	ryzen_5_5600u	-	No
Operating System	amd	ryzen_5_5600h_firmware	-	Yes
Hardware	amd	ryzen_5_5600h	-	No
Operating System	amd	ryzen_5_5600hs_firmware	-	Yes
Hardware	amd	ryzen_5_5600hs	-	No
Operating System	amd	ryzen_7_5800u_firmware	-	Yes
Hardware	amd	ryzen_7_5800u	-	No
Operating System	amd	ryzen_7_5800h_firmware	-	Yes
Hardware	amd	ryzen_7_5800h	-	No
Operating System	amd	ryzen_7_5800hs_firmware	-	Yes
Hardware	amd	ryzen_7_5800hs	-	No
Operating System	amd	ryzen_9_5900hs_firmware	-	Yes
Hardware	amd	ryzen_9_5900hs	-	No
Operating System	amd	ryzen_9_5900hx_firmware	-	Yes
Hardware	amd	ryzen_9_5900hx	-	No
Operating System	amd	ryzen_9_5980hs_firmware	-	Yes
Hardware	amd	ryzen_9_5980hs	-	No
Operating System	amd	ryzen_9_5980hx_firmware	-	Yes
Hardware	amd	ryzen_9_5980hx	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001 ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001 (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For amd's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.