CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AMDCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
VendorProductVersion
amdryzen_5_2600_firmware
-
amdryzen_5_2600x_firmware
-
amdryzen_5_2700x_firmware
-
amdryzen_5_2700_firmware
-
amdryzen_5_3600_firmware
-
amdryzen_5_3600x_firmware
-
amdryzen_7_3700x_firmware
-
amdryzen_7_3800x_firmware
-
amdryzen_9_3900x_firmware
-
amdryzen_9_3950x_firmware
-
amdryzen_9_5950x_firmware
-
amdryzen_9_5900x_firmware
-
amdryzen_7_5800x_firmware
-
amdryzen_7_5700g_firmware
-
amdryzen_7_5700ge_firmware
-
amdryzen_5_5600g_firmware
-
amdryzen_5_5600x_firmware
-
amdryzen_5_5600ge_firmware
-
amdryzen_3_5300g_firmware
-
amdryzen_3_5300ge_firmware
-
amdryzen_threadripper_2990wx_firmware
-
amdryzen_threadripper_2970wx_firmware
-
amdryzen_threadripper_2950x_firmware
-
amdryzen_threadripper_2920x_firmware
-
amdryzen_threadripper_3970x_firmware
-
amdryzen_threadripper_pro_5995wx_firmware
-
amdryzen_threadripper_pro_5975wx_firmware
-
amdryzen_threadripper_pro_5965wx_firmware
-
amdryzen_threadripper_pro_5955wx_firmware
-
amdryzen_threadripper_pro_5945wx_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027