← volver
CVE-2021-26383

CVE-2021-26383

CVSS 7.9 HIGHEPSS 0.2%CWE-787
Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Productos afectados
AMD · AMD Instinct™ MI210AMD · AMD Instinct™ MI250AMD · AMD Radeon™ PRO V520 Graphics ProductsAMD · AMD Radeon™ PRO V620 Graphics ProductsAMD · AMD Radeon™ PRO W5000 Series Graphics ProductsAMD · AMD Radeon™ PRO W6000 Series Graphics ProductsAMD · AMD Radeon™ RX 5000 Series Graphics ProductsAMD · AMD Radeon™ RX 6000 Series Graphics ProductsAMD · AMD Ryzen™ 4000 Series Desktop ProcessorsAMD · AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ GraphicsAMD · AMD Ryzen™ Embedded V2000 Series Processors

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html