CVE-2024-21961

MEDIUM

AMD EPYC 7002 Series Processors - Denial of Service via PCIe Link Memory Buffer Overflow

Title source: llm

Description

Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability.

References (2)

Core 2

Core References

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Scores

CVSS v4 6.0

EPSS 0.0002

EPSS Percentile 5.7%

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-119

Status published

Products (22)

AMD/AMD EPYC™ 7002 Series Processors No Fix Planned

AMD/AMD EPYC™ Embedded 7002 Series Processors No fix planned

AMD/AMD Ryzen™ 3000 Series Desktop Processors Errata #1165,1166,1526

AMD/AMD Ryzen™ 4000 Series Desktop Processors Errata #1165,1166,1526

AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Errata #1165,1166,1526

AMD/AMD Ryzen™ 5000 Series Desktop Processors Errata #1165,1166,1526

AMD/AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Errata #1165,1166,1526

AMD/AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Errata #1165,1166,1526

AMD/AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Errata #1526

AMD/AMD Ryzen™ 7000 Series Desktop Processors Errata #1526

... and 12 more

Published Feb 13, 2026

Tracked Since Feb 18, 2026