CVE-2021-26367

MEDIUM

x86 - Memory Corruption

Title source: llm

Description

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

References (2)

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html

Scores

CVSS v3 5.7

EPSS 0.0004

EPSS Percentile 10.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

Classification

Status published

Affected Products (37)

amd/radeon_software < 23.12.1

amd/radeon_software < 23.q4

amd/ryzen_9_5980hx_firmware < cezannepi-fp6_1.0.0.6

amd/ryzen_3_3300u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_3_3350u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3450u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3500u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3500c_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3550h_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_5_3580u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3700u_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3700c_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3750h_firmware < picassopi-fp5_1.0.0.e

amd/ryzen_7_3780u_firmware < picassopi-fp5_1.0.0.e

amd/athlon_gold_3150c_firmware < picassopi-fp5_1.0.0.e

... and 22 more

Timeline

Published Aug 13, 2024

Tracked Since Feb 18, 2026