CVE-2021-26365
8.2
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Exploitability: 3.9 / Impact: 4.2
Source: NVD
Description
Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.
Affected (54)
Products: Amd: Ryzen 5 2400g Firmware, Ryzen 5 2400ge Firmware, Ryzen 3 2200ge Firmware, Ryzen 3 2200g Firmware, Ryzen 3 Pro 2100ge Firmware, Ryzen 9 5900x Firmware, Ryzen 9 5950x Firmware, Ryzen 9 5900 Firmware, Ryzen 7 5800 Firmware, Ryzen 7 5800x Firmware, Ryzen 7 5800x3d Firmware, Ryzen 7 5700x Firmware, Ryzen 5 5600 Firmware, Ryzen 5 5600x Firmware, Ryzen 5 5500 Firmware, Ryzen 3 3200u Firmware, Ryzen 3 3250c Firmware, Ryzen 3 3250u Firmware, Amd 3015e Firmware, Amd 3015ce Firmware, Ryzen 7 2800h Firmware, Ryzen 7 2700u Firmware, Ryzen 5 2600h Firmware, Ryzen 5 2500u Firmware, Ryzen 3 2300u Firmware, Ryzen 3 2200u Firmware, Ryzen 5 3400g Firmware, Ryzen 5 Pro 3400g Firmware, Ryzen 5 Pro 3400ge Firmware, Ryzen 5 Pro 3350g Firmware, Ryzen 5 Pro 3350ge Firmware, Ryzen 3 Pro 3200g Firmware, Ryzen 3 3200g Firmware, Ryzen 3 3200ge Firmware, Ryzen 3 Pro 3200ge Firmware, Ryzen 7 5700u Firmware, Ryzen 5 5500u Firmware, Ryzen 3 5300u Firmware, Ryzen 7 5700g Firmware, Ryzen 7 5700ge Firmware, Ryzen 5 5600g Firmware, Ryzen 5 5600ge Firmware, Ryzen 3 5300g Firmware, Ryzen 3 5300ge Firmware, Ryzen 9 6980hx Firmware, Ryzen 9 6980hs Firmware, Ryzen 9 6900hx Firmware, Ryzen 9 6900hs Firmware, Ryzen 7 6800h Firmware, Ryzen 7 6800hs Firmware, Ryzen 7 6800u Firmware, Ryzen 5 6600h Firmware, Ryzen 5 6600hs Firmware, Ryzen 5 6600u Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 2400g | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 2400ge | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 2200ge | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 2200g | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 Pro 2100ge | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5900x | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5950x | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 5900 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800x | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5800x3d | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700x | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600x | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5500 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before picassopi-fp5_1.0.0.d |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 3200u | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before picassopi-fp5_1.0.0.d |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 3250c | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before picassopi-fp5_1.0.0.d |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 3250u | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before pollockpi-ft5_1.0.0.3 |
| Running on/with | Platform Versions |
|---|---|
Amd Amd 3015e | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before pollockpi-ft5_1.0.0.3 |
| Running on/with | Platform Versions |
|---|---|
Amd Amd 3015ce | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 2800h | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 2700u | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 2600h | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 2500u | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 2300u | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 2200u | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 3400g | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 3400g | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 3400ge | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 3350g | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 Pro 3350ge | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 Pro 3200g | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 3200g | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 3200ge | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 Pro 3200ge | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700u | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5500u | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5300u | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700g | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 5700ge | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600g | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 5600ge | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5300g | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before cezannepi-fp6_1.0.0.8 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 3 5300ge | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6980hx | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6980hs | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6900hx | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 9 6900hs | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800h | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800hs | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 7 6800u | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600h | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600hs | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before rmb_1.0.0.4 |
| Running on/with | Platform Versions |
|---|---|
Amd Ryzen 5 6600u | All versions |
References (2)
Source: psirt@amd.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.