CVE-2021-26352

Published: May 10, 2022Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.

Affected (30)

Amd

30 products

Ryzen 5 2600 Firmware

Ryzen 5 2600x Firmware

Ryzen 5 2700x Firmware

Ryzen 5 2700 Firmware

Ryzen 5 3600 Firmware

Ryzen 5 3600x Firmware

Ryzen 7 3700x Firmware

Ryzen 7 3800x Firmware

Ryzen 9 3900x Firmware

Ryzen 9 3950x Firmware

Ryzen 9 5950x Firmware

Ryzen 9 5900x Firmware

Ryzen 7 5800x Firmware

Ryzen 7 5700g Firmware

Ryzen 7 5700ge Firmware

Ryzen 5 5600g Firmware

Ryzen 5 5600x Firmware

Ryzen 5 5600ge Firmware

Ryzen 3 5300g Firmware

Ryzen 3 5300ge Firmware

Ryzen Threadripper 2990wx Firmware

Ryzen Threadripper 2970wx Firmware

Ryzen Threadripper 2950x Firmware

Ryzen Threadripper 2920x Firmware

Ryzen Threadripper 3970x Firmware

Ryzen Threadripper Pro 5995wx Firmware

Ryzen Threadripper Pro 5975wx Firmware

Ryzen Threadripper Pro 5965wx Firmware

Ryzen Threadripper Pro 5955wx Firmware

Ryzen Threadripper Pro 5945wx Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 2600 Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 2600	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 2600x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 2600x	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 2700x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 2700x	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 2700 Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 2700	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 3600 Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 3600	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 3600x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 3600x	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 7 3700x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 7 3700x	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 7 3800x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 7 3800x	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 9 3900x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 9 3900x	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 9 3950x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 9 3950x	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 9 5950x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 9 5950x	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 9 5900x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 9 5900x	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 7 5800x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 7 5800x	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 7 5700g Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 7 5700g	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 7 5700ge Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 7 5700ge	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 5600g Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 5600g	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 5600x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 5600x	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 5 5600ge Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 5 5600ge	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 3 5300g Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 3 5300g	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen 3 5300ge Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen 3 5300ge	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper 2990wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper 2990wx	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper 2970wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper 2970wx	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper 2950x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper 2950x	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper 2920x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper 2920x	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper 3970x Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper 3970x	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper Pro 5995wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper Pro 5995wx	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper Pro 5975wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper Pro 5975wx	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper Pro 5965wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper Pro 5965wx	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper Pro 5955wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper Pro 5955wx	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amd Ryzen Threadripper Pro 5945wx Firmware	All versions

Running on/with	Platform Versions
Amd Ryzen Threadripper Pro 5945wx	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Source: psirt@amd.com

Vendor Advisory

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.