CVE-2021-26408
7.1
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 1.8 / Impact: 5.2
Source: NVD
Description
Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.
Affected (38)
Products: Amd: Epyc 7002 Firmware, Epyc 7001 Firmware, Epyc 7232p Firmware, Epyc 7252 Firmware, Epyc 7262 Firmware, Epyc 7272 Firmware, Epyc 7282 Firmware, Epyc 7302 Firmware, Epyc 7302p Firmware, Epyc 7352 Firmware, Epyc 7402 Firmware, Epyc 7402p Firmware, Epyc 7452 Firmware, Epyc 7502 Firmware, Epyc 7502p Firmware, Epyc 7532 Firmware, Epyc 7542 Firmware, Epyc 7552 Firmware, Epyc 7642 Firmware, Epyc 7662 Firmware, Epyc 7702 Firmware, Epyc 7702p Firmware, Epyc 7742 Firmware, Epyc 7f32 Firmware, Epyc 7f52 Firmware, Epyc 7f72 Firmware, Epyc 7251 Firmware, Epyc 7281 Firmware, Epyc 7301 Firmware, Epyc 7351 Firmware, Epyc 7351p Firmware, Epyc 7401 Firmware, Epyc 7401p Firmware, Epyc 7451 Firmware, Epyc 7501 Firmware, Epyc 7551 Firmware, Epyc 7551p Firmware, Epyc 7601 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7002 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7001 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7232p | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7252 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7262 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7272 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7282 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7302 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7302p | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7352 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7402 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7402p | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7452 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7502 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7502p | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7532 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7542 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7552 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7642 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7662 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7702 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7702p | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7742 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7f32 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7f52 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before romepi-sp3_1.0.0.c |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7f72 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7251 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7281 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7301 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7351 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7351p | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7401 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7401p | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7451 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7501 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7551 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7551p | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before naplespi-sp3_1.0.0.g |
| Running on/with | Platform Versions |
|---|---|
Amd Epyc 7601 | All versions |
References (2)
Source: psirt@amd.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.