CVE-2021-26329

Published: Nov 16, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources.

Affected (57)

Products: Amd: Epyc 7601 Firmware, Epyc 7551p Firmware, Epyc 7551 Firmware, Epyc 7501 Firmware, Epyc 7451 Firmware, Epyc 7401 Firmware, Epyc 7371 Firmware, Epyc 7351p Firmware, Epyc 7351 Firmware, Epyc 7301 Firmware, Epyc 7281 Firmware, Epyc 7261 Firmware, Epyc 7251 Firmware, Epyc 7f72 Firmware, Epyc 7f52 Firmware, Epyc 7f32 Firmware, Epyc 7h12 Firmware, Epyc 7742 Firmware, Epyc 7702 Firmware, Epyc 7702p Firmware, Epyc 7662 Firmware, Epyc 7642 Firmware, Epyc 7552 Firmware, Epyc 7542 Firmware, Epyc 7532 Firmware, Epyc 7502 Firmware, Epyc 7502p Firmware, Epyc 7452 Firmware, Epyc 7402 Firmware, Epyc 7402p Firmware, Epyc 7352 Firmware, Epyc 7302 Firmware, Epyc 7302p Firmware, Epyc 7282 Firmware, Epyc 7272 Firmware, Epyc 7262 Firmware, Epyc 7252 Firmware, Epyc 7232p Firmware, Epyc 7763 Firmware, Epyc 7713p Firmware, Epyc 7713 Firmware, Epyc 7663 Firmware, Epyc 7643 Firmware, Epyc 75f3 Firmware, Epyc 7543p Firmware, Epyc 7543 Firmware, Epyc 7513 Firmware, Epyc 7453 Firmware, Epyc 74f3 Firmware, Epyc 7443p Firmware, Epyc 7443 Firmware, Epyc 7413 Firmware, Epyc 73f3 Firmware, Epyc 7343 Firmware, Epyc 7313p Firmware, Epyc 7313 Firmware, Epyc 72f3 Firmware

57 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7601 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7601	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7551p Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7551p	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7551 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7551	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7501 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7501	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7451 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7451	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7401 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7401	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7371 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7371	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7351p Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7351p	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7351 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7351	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7301 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7301	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7281 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7281	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7261 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7261	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7251 Firmware	Before naplespi-sp3_1.0.0.g

Running on/with	Platform Versions
Amd Epyc 7251	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7f72 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7f72	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7f52 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7f52	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7f32 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7f32	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7h12 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7h12	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7742 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7742	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7702 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7702	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7702p Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7702p	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7662 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7662	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7642 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7642	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7552 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7552	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7542 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7542	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7532 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7532	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7502 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7502	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7502p Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7502p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7452 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7452	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7402 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7402	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7402p Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7402p	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7352 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7352	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7302 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7302	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7302p Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7302p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7282 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7282	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7272 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7272	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7262 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7262	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7252 Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7252	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7232p Firmware	Before romepi-sp3_1.0.0.c

Running on/with	Platform Versions
Amd Epyc 7232p	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7763 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7763	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7713p Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7713p	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7713 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7713	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7663 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7663	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7643 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7643	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 75f3 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 75f3	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7543p Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7543p	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7543 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7543	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7513 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7513	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7453 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7453	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 74f3 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 74f3	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7443p Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7443p	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7443 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7443	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7413 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7413	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 73f3 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 73f3	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7343 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7343	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7313p Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7313p	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 7313 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 7313	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Epyc 72f3 Firmware	Before milanpi-sp3_1.0.0.4

Running on/with	Platform Versions
Amd Epyc 72f3	All versions

Related CWEs

CWE-130

Improper Handling of Length Parameter Inconsistency

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

CWE-190

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (2)

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Source: psirt@amd.com

Vendor Advisory

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.