CVE-2021-26363

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AMDCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
amdradeon_software
-
amdryzen_3_3100_firmware
-
amdryzen_3_3300g_firmware
-
amdryzen_3_3300x_firmware
-
amdryzen_3_5400u_firmware
-
amdryzen_9_5900hs_firmware
-
amdryzen_9_5900hx_firmware
-
amdryzen_9_5980hs_firmware
-
amdryzen_9_5980hx_firmware
-
amdryzen_3_5125c_firmware
-
amdryzen_3_5425c_firmware
-
amdryzen_7_3700x_firmware
-
amdryzen_9_3900x_firmware
-
amdryzen_9_3950x_firmware
-
amdryzen_7_3800x_firmware
-
amdryzen_3_5425u_firmware
-
amdryzen_5_3400g_firmware
-
amdryzen_7_5800h_firmware
-
amdryzen_7_5800hs_firmware
-
amdryzen_7_5800u_firmware
-
amdryzen_7_5825c_firmware
-
amdryzen_7_5825u_firmware
-
amdryzen_5_3450g_firmware
-
amdryzen_5_3600_firmware
-
amdryzen_5_3600x_firmware
-
amdryzen_5_5560u_firmware
-
amdryzen_5_5600h_firmware
-
amdryzen_5_5600u_firmware
-
amdryzen_5_5600hs_firmware
-
amdryzen_5_5600x_firmware
-
amdryzen_5_5625c_firmware
-
amdryzen_5_5625u_firmware
-
amdryzen_5_5700g_firmware
-
amdryzen_5_5700ge_firmware
-
𝑥
= Vulnerable software versions
References
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027