CVE-2021-26392

Published: Nov 9, 2022

Modified: Sep 16, 2024

PUBLISHED

Description

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

Vendor	Product	Versions
AMD	AMD Radeon RX 5000 Series & PRO W5000 Series	affected `AMD Radeon Software - < 22.5.2` affected `AMD Radeon Pro Software Enterprise - < 22.Q2` affected `Enterprise Driver - < 22.10.20`
AMD	AMD Radeon RX 6000 Series & PRO W6000 Series	affected `AMD Radeon Software - < 22.5.2` affected `AMD Radeon Pro Software Enterprise - < 22.Q2` affected `Enterprise Driver - < 22.10.20`
AMD	AMD Ryzen™ Embedded R1000	affected `various`
AMD	AMD Ryzen™ Embedded R2000	affected `various`
AMD	AMD Ryzen™ Embedded 5000	affected `various`
AMD	AMD Ryzen™ Embedded V1000	affected `various`
AMD	AMD Ryzen™ Embedded V2000	affected `various`
AMD	AMD Ryzen™Embedded V3000	affected `various`

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-26392

Description

Affected Products

References