CVE-2021-26365

CVSS 8.2 HIGHEPSS 0.6%CWE-125

Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Productos afectados

AMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP AMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”AMD · Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 AMD · Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 AMD · Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”AMD · Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir”AMD · Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4 AMD · Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD · Ryzen™ 6000 Series Mobile Processors "Rembrandt"

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001