CVE-2021-26367

MEDIUM

Published 2024-08-13T16:50:05.825Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-26367. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

5.7

/10

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14

0.000

probability

of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25

Exploit Probability

Percentile: 0.043

Higher than 4.3% of all CVEs

Attack Vector Metrics

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Description

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

AMD

AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics

Affected Versions:

ComboAM4v2 PI 1.2.0.5

AMD

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics

Affected Versions:

ComboAM4PI 1.0.0.9 ComboAM4v2 PI 1.2.0.8

AMD

AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics

Affected Versions:

ComboAM4v2 PI 1.2.0.5

AMD

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics

Affected Versions:

PicassoPI-FP5 1.0.0.E

AMD

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics

Affected Versions:

PollockPI-FT5 1.0.0.4

AMD

AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics

Affected Versions:

PicassoPI-FP5 1.0.0.E

AMD

AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics

Affected Versions:

RenoirPI-FP6 1.0.0.7

AMD

AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics

Affected Versions:

CezannePI-FP6 1.0.0.6

AMD

AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics

Affected Versions:

CezannePI-FP6 1.0.0.6

AMD

AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics

Affected Versions:

CezannePI-FP6 1.0.0.6

AMD

AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics

Affected Versions:

CezannePI-FP6 1.0.0.6

AMD

AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics

Affected Versions:

CezannePI-FP6 1.0.0.6

AMD

AMD Radeon™ RX 6000 Series Graphics Cards

Affected Versions:

AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

AMD

AMD Radeon™ PRO W6000 Series Graphics Cards

Affected Versions:

AMD Software: PRO Edition 23.Q4 (23.30.13.03)

AMD

AMD Ryzen™ Embedded R1000 Series Processors

Affected Versions:

EmbeddedPI-FP5 1.2.0.A

AMD

AMD Ryzen™ Embedded R2000 Series Processors

Affected Versions:

EmbeddedR2KPI-FP5 1.0.0.2

AMD

AMD Ryzen™ Embedded V1000 Series Processors

Affected Versions:

EmbeddedPI-FP5 1.2.0.A

AMD

AMD Ryzen™ Embedded V2000 Series Processors

Affected Versions:

EmbeddedPI-FP6 1.0.0.6

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-2xq4-823c-q5v9

Advisory Details

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-26367

WEB https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

WEB https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html

Advisory provided by GitHub Security Advisory Database. Published: August 13, 2024, Modified: August 13, 2024

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html

Published: 2024-08-13T16:50:05.825Z

Last Modified: 2024-12-04T16:25:09.987Z

Copied to clipboard!

CVE-2021-26367

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!