Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-26347 (GCVE-0-2021-26347)
Vulnerability from cvelistv5 – Published: 2022-05-11 16:22 – Updated: 2024-08-03 20:26
VLAI?
EPSS
Summary
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | Ryzen 5000 Series |
Affected:
various
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "AGESA",
"platforms": [
"x86"
],
"product": "Ryzen 5000 Series",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2023-01-10T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."
}
],
"value": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T07:01:59.843Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
}
],
"source": {
"advisory": "AMD-SB-1031",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-26347",
"datePublished": "2022-05-11T16:22:09.774Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2022-AVI-497
Vulnerability from certfr_avis - Published: 2022-05-27 - Updated: 2022-05-27
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-ESPOS | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2022-1280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1280"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-05-27T00:00:00",
"last_revision_date": "2022-05-27T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-497",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221859-1 du 26 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221859-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221849-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221849-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221846-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221846-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221847-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221847-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221840-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221840-1/"
}
]
}
CERTFR-2022-AVI-519
Vulnerability from certfr_avis - Published: 2022-06-03 - Updated: 2022-06-03
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-33139",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33139"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-33155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33155"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-06-03T00:00:00",
"last_revision_date": "2022-06-03T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-519",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221923-1 du 02 juin 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221923-1/"
}
]
}
CERTFR-2022-AVI-480
Vulnerability from certfr_avis - Published: 2022-05-20 - Updated: 2022-05-20
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-BCL | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP1 | ||
| SUSE | N/A | SUSE Enterprise Storage 7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-LTSS | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-LTSS | ||
| SUSE | N/A | SUSE Enterprise Storage 6 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 15-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-0071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0071"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-33139",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33139"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-33155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33155"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-05-20T00:00:00",
"last_revision_date": "2022-05-20T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-480",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221751-1 du 19 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221751-1/"
}
]
}
GSD-2021-26347
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-26347",
"description": "TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service.",
"id": "GSD-2021-26347",
"references": [
"https://www.suse.com/security/cve/CVE-2021-26347.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-26347"
],
"details": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.",
"id": "GSD-2021-26347",
"modified": "2023-12-13T01:23:33.178534Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"ID": "CVE-2021-26347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ryzen 5000 Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
}
]
},
"vendor_name": " AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
}
]
},
"source": {
"advisory": "AMD-SB-1031",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7002_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7h12_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"ID": "CVE-2021-26347"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031",
"refsource": "MISC",
"tags": [],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-01-11T08:15Z",
"publishedDate": "2022-05-11T17:15Z"
}
}
}
FKIE_CVE-2021-26347
Vulnerability from fkie_nvd - Published: 2022-05-11 17:15 - Updated: 2024-11-21 05:56
Severity ?
Summary
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25C6225-69FF-4772-84F7-F560AAE3617E",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F900BDD-F094-41A6-9A23-31F53DBA95D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DB1651-2E51-434E-810F-83428B648E7A",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2299ED50-B4D2-4BB3-AD87-56D552B84AE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "717EA494-B9B9-4092-811C-C51C6ECB4322",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D698D3E-BB05-4C65-90F4-8DAE275CD6A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F117E00-F3D5-4884-8A17-59D23837EC65",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DFCB62-6CDF-4AD2-9265-1887E5780CA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C499DD69-BE4B-4E43-B19C-C17E79947C51",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA967C73-8108-4F41-BFFD-81946C02EB24",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF0AFED-588A-4EFB-8C90-9280BC3A6720",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95329A7D-ED5A-40AE-AF5E-B053236DBF77",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A0A47B-74A1-4731-92A8-BC10FFE58ECF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD14E00-D597-4099-B4DF-58EE8EEE0B2E",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52544912-FAA3-4025-A5FD-151B21CEC53B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F110B6-28BA-4A4C-8CF7-CB5BFD46D74F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8264DF4-47B4-4716-AE89-44AFA870D385",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C80207-0203-44EB-B8E4-DBDD53786CEB",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241E39FF-FE66-444C-A4C2-3D28C45341BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84545E6A-E759-479C-93B7-65B172789853",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D08121-DC57-47D7-8214-23A209F0AF08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F1D942-1D5B-4C27-AE38-DF68F37A08E5",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2B13CA-72F4-4CF6-9E12-62E6E9056A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C66D2D-BFCB-430C-8A18-FC3C21D2BD40",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C474537-3006-41BA-8C3D-5C370E3ACECD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D96D652C-BAC8-4975-BA8C-D4C0F707668F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1766FF1-77A9-4293-B826-F6A8FBD7AFBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E3DEC2-7F6B-4520-8A02-C12948E1C65F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678C5F58-8AE9-46FF-8F01-4CF394C87A2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8E726E-ABB6-4A99-9834-CF16BA125598",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B9C24B-2C10-4826-A91B-E1C60665FBBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20F6AA60-E573-4034-BDCF-5C558DFB4BF5",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9000686A-DC2B-4561-9C32-E90890EB2EBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31595722-F102-447D-9BAE-9C36567342DD",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02B61B7-7DD3-4164-8D32-EB961E981BC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35815993-4C33-4039-8CB4-C60A955980AE",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F98FF1A-3A2B-4CED-AEA2-9C4F2AC2D8C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "954923A7-7AAD-474E-919A-B17F11B01DA0",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D02B1C69-BAA4-485B-BE22-46BE321F9E4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB3E11E-F0DB-4A4E-BEED-7C24EEBF6271",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07E922F-C1AB-469C-A1C1-9F9E58332DFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "789DECC1-7334-4252-8801-EE1269687F87",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E500-3840-428E-8B2B-A7FBB636F41F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180B3002-B3C5-48B5-8322-5B64B237C5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7002_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC7C2B2-F31B-4257-AFE0-6DC22FB8F616",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A05BAA-D9ED-411D-AEC7-DBD8998C345E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0094538-161A-4877-9247-EA6DD83C9E54",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16D55BEF-AFC8-45DC-9401-5DEF374E16C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5EA931-ED74-4086-B9A9-9F1A9A359590",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B816918-6CCF-4010-AA16-7BF8A93AD7D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E603AC01-F362-4B2E-9A08-DF2C24A49DDD",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBBFDD3-A85D-43A3-AD67-D69E91C633B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F384C3-11D5-42EB-BF44-A6707358E063",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F187412-26C2-4D8C-9199-D7CCF49D6520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0A9A96-25CF-47AC-9AF3-96725B3863E4",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FC5683-F612-4586-8BA3-FB1F66D8868B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66D7E3EC-4358-4A82-807B-BBA7F03D5884",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7CB05E-C4F4-481F-AFB0-9288EBE6DB62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5841138E-BDAC-4F59-9BC8-9313A49DBECB",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2E0AC0-8BDE-49F8-B067-DB03037921DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FA8E2F-2E73-47AD-B671-A952B9A4BFD6",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1540CCD-1ED8-4B4E-AD43-7DE2689D9A21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E62B278C-BF08-4CC2-A843-1888AEF37638",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "430C9955-0090-4166-8E90-D81C2AA7DE0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD73E1A-C4E6-4ECA-907C-99F84DBC7765",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92EBDDBF-37C2-4D09-B744-F78169B2C1C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88713545-D2E4-47CC-8F5F-EAEE0CF53BF2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68ACF30E-62DD-4217-B7F0-4A0FFF47E8EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0E4971-594B-4D1E-AFD5-D6B8A8B8F8A8",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BBC687-5C3C-4843-A028-B8BE29D1E302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1FB232-0930-4F05-A4EC-D06DBED8E54A",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "563708A3-7C51-4693-B02D-9A25A639FE42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "576BF517-1021-48AA-A065-305A50F9645D",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDABE45-F529-453C-92DC-BF7747CEEC0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08B6DBC4-F298-45E1-90FF-A87AEA06810E",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC94B03B-A7FE-47AE-969D-FFEF278A7A9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C08067DB-AD49-4B3D-BCBB-A4C9A7D9E7F4",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6C7497-1B63-490F-B8EA-D9F3CB790952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73B1F0A4-655A-44B9-87C0-B8A8F95B2BE0",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDF8A1E-B259-43D0-A56C-8C2BB688A32C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDB2131-CDC3-463D-958F-0BF8D0FF5EA2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6528-9100-41D2-88A2-FFEABAB8F86A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED75D47-160E-4E80-ADC6-4F84748231D5",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC99346-DBF1-4060-8E6B-35D315944ADA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A21B5752-F187-4BA9-94E8-C6525C7824A2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72C86198-0BD4-42E1-974B-70A49F82C411",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D45F46F-A3C0-4FA4-BCB6-DD1A8DC0E190",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F4A126-B4A6-480A-9DD7-7F68714DFB49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D58BC1BF-AE51-4C78-8376-FF72F20A001D",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E25652AB-E243-4C40-BE12-AB53AF52CD61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7h12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F406CA9-BF5D-4AF3-91FE-64712D8B9A9F",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89FAAD8C-6DD1-408D-849B-0CE707321B13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1577AC6-A05C-489D-8E2A-5F2F46E60F94",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B3C659-C31A-4F82-9587-9F8A943F637D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97F3348B-8B30-4AB8-877B-F4B309EFEA1C",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87543FB4-658A-4300-9DC9-836AC1D4BCFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."
},
{
"lang": "es",
"value": "El problema de TOCTOU (time-of-check to time-of-use) en la Unidad de Administraci\u00f3n del Sistema (SMU) puede resultar en un DMA (acceso directo a memoria) a una direcci\u00f3n de DRAM no v\u00e1lida que podr\u00eda resultar en una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-26347",
"lastModified": "2024-11-21T05:56:10.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-11T17:15:08.340",
"references": [
{
"source": "psirt@amd.com",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
}
],
"sourceIdentifier": "psirt@amd.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3MG2-Q757-F3M2
Vulnerability from github – Published: 2022-05-12 00:01 – Updated: 2022-05-20 00:00
VLAI?
Details
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service.
Severity ?
4.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2021-26347"
],
"database_specific": {
"cwe_ids": [
"CWE-367"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-11T17:15:00Z",
"severity": "MODERATE"
},
"details": "TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service.",
"id": "GHSA-3mg2-q757-f3m2",
"modified": "2022-05-20T00:00:25Z",
"published": "2022-05-12T00:01:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26347"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…