CVE-2021-26383

HIGH

AMD Ryzen 5000 Series Mobile Processors with Radeon Graphics - Out-of-bounds Write in TEE

Title source: llm

Description

Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability.

References (3)

Core 3

Core References

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html

Scores

CVSS v3 7.9

EPSS 0.0001

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (14)

AMD/AMD Instinct™ MI210 ROCm 6.4

AMD/AMD Instinct™ MI250 ROCm 6.4

AMD/AMD Radeon™ PRO V520 Graphics Products Contact your AMD Customer Engineering representative

AMD/AMD Radeon™ PRO V620 Graphics Products Contact your AMD Customer Engineering representative

AMD/AMD Radeon™ PRO W5000 Series Graphics Products AMD Software: PRO Edition 23.Q1 (22.40.37.05)

AMD/AMD Radeon™ PRO W6000 Series Graphics Products AMD Software: PRO Edition 23.Q1 (22.40.37.05)

AMD/AMD Radeon™ RX 5000 Series Graphics Products AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45)

AMD/AMD Radeon™ RX 6000 Series Graphics Products AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45)

AMD/AMD Ryzen™ 4000 Series Desktop Processors ComboAM4v2 PI 1.2.0.5

AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.7

... and 4 more

Published Sep 06, 2025

Tracked Since Feb 18, 2026