CVE-2021-26371
Published: May 9, 2023
Modified: Jan 28, 2025
Description
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
| Vendor | Product | Versions |
|---|---|---|
AMD | Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 | affected various |
AMD | Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 | affected various |
AMD | AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4 | affected various |
AMD | 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT | affected various |
AMD | Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS | affected various |
AMD | Ryzen™ Threadripper™ PRO Processors “Chagall” WS | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” | affected various |
AMD | Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | affected various |
AMD | Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | affected various |
AMD | 1st Gen AMD EPYC™ Processors | affected various |
AMD | 2nd Gen AMD EPYC™ Processors | affected various |
AMD | 3rd Gen AMD EPYC™ Processors | affected various |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now