CVE-2021-26406
Published: May 9, 2023
Modified: Jan 28, 2025
Description
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.
| Vendor | Product | Versions |
|---|---|---|
AMD | Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 | affected various |
AMD | Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge” | affected various |
AMD | Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 | affected various |
AMD | AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4 | affected various |
AMD | 2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” | affected various |
AMD | 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT | affected various |
AMD | Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP | affected various |
AMD | Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” | affected various |
AMD | Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 | affected various |
AMD | Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” | affected various |
AMD | 1st Gen AMD EPYC™ Processors | affected various |
AMD | 2nd Gen AMD EPYC™ Processors | affected various |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now