CVE-2021-26365
CVE-2021-26365
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.2EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
09 May 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Affected products
AMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPAMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”AMD · Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4AMD · Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5AMD · Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”AMD · Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir”AMD · Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4AMD · Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD · Ryzen™ 6000 Series Mobile Processors "Rembrandt"Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →