CVE-2021-26356
EUVD-2021-1316209.05.2023, 19:15
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| amd | ryzen_9_3950x_firmware | - |
| amd | ryzen_9_3950xt_firmware | - |
| amd | ryzen_9_3900_firmware | - |
| amd | ryzen_9_3900x_firmware | - |
| amd | ryzen_7_3800x_firmware | - |
| amd | ryzen_7_3800xt_firmware | - |
| amd | ryzen_7_3700xt_firmware | - |
| amd | ryzen_5_3600x_firmware | - |
| amd | ryzen_5_3600xt_firmware | - |
| amd | ryzen_5_3600_firmware | - |
| amd | ryzen_5_3500x_firmware | - |
| amd | ryzen_5_3500_firmware | - |
| amd | ryzen_3_3300x_firmware | - |
| amd | ryzen_3_3100_firmware | - |
| amd | ryzen_threadripper_3990x_firmware | - |
| amd | ryzen_threadripper_3970x_firmware | - |
| amd | ryzen_threadripper_3960x_firmware | - |
| amd | ryzen_threadripper_pro_3995wx_firmware | - |
| amd | ryzen_threadripper_pro_3975wx_firmware | - |
| amd | ryzen_threadripper_pro_3955wx_firmware | - |
| amd | ryzen_threadripper_pro_3945wx_firmware | - |
| amd | ryzen_threadripper_pro_5955wx_firmware | - |
| amd | ryzen_threadripper_pro_5965wx_firmware | - |
| amd | ryzen_threadripper_pro_5945wx_firmware | - |
| amd | ryzen_threadripper_pro_5975wx_firmware | - |
| amd | ryzen_threadripper_pro_5995wx_firmware | - |
𝑥
= Vulnerable software versions