CVE-2021-26384

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions mentioned

Description A malformed SMI command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI, resulting in a potential loss of resources.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

CVE-2021-26384

Affected Products

Athlon™ Series

Ryzen™ Series

Athlon Gold 3150U Firmware

Athlon Silver 3050U Firmware

Ryzen 3 2200U Firmware

Ryzen 3 2300U Firmware

Ryzen 3 3200U Firmware

Ryzen 3 3250U Firmware

Ryzen 3 3300X Firmware

Ryzen 3 3350U Firmware

Ryzen 3 3450U Firmware

Ryzen 3 3500C Firmware

Ryzen 3 3550H Firmware

Ryzen 3 3580U Firmware

Ryzen 3 3700C Firmware

Ryzen 3 3750H Firmware

Ryzen 3 3780U Firmware

Ryzen 3 5125C Firmware

Ryzen 3 5300G Firmware

Ryzen 3 5400U Firmware

Ryzen 3 5425U Firmware

Ryzen 5 2500U Firmware

Ryzen 5 2600H Firmware

Ryzen 5 2700 Firmware

Ryzen 5 5560U Firmware

Ryzen 5 5600X Firmware

Ryzen 5 5625U Firmware

Ryzen 7 2700U Firmware

Ryzen 7 2800H Firmware

Ryzen 7 5700G Firmware

Ryzen 7 5800U Firmware

Ryzen 7 5825U Firmware

Ryzen 9 5900Hx Firmware

Ryzen 9 5980Hx Firmware

CVE-2021-26384

Weakness Enumeration

Related Identifiers

Affected Products

References · 3