Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-26364 (GCVE-0-2021-26364)
Vulnerability from cvelistv5 – Published: 2022-05-11 16:25 – Updated: 2024-09-16 20:42
VLAI?
EPSS
Summary
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.
Severity ?
No CVSS data available.
CWE
- tbd
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | EPYC™ Processors |
Affected:
various
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EPYC\u2122 Processors",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2022-05-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "tbd",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T16:25:26.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"source": {
"advisory": "AMD-SB-1028",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EPYC\u2122 Processors",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
]
},
"source": {
"advisory": "AMD-SB-1028",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-26364",
"datePublished": "2022-05-11T16:25:26.746Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:42:13.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2021-26364
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-26364",
"description": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"id": "GSD-2021-26364",
"references": [
"https://www.suse.com/security/cve/CVE-2021-26364.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-26364"
],
"details": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"id": "GSD-2021-26364",
"modified": "2023-12-13T01:23:33.105600Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2022-05-10T20:00:00.000Z",
"ID": "CVE-2021-26364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " EPYC\u2122 Processors ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various "
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "tbd"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
]
},
"source": {
"advisory": "AMD-SB-1028",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"ID": "CVE-2021-26364"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-05-25T18:01Z",
"publishedDate": "2022-05-11T17:15Z"
}
}
}
CERTFR-2022-AVI-497
Vulnerability from certfr_avis - Published: 2022-05-27 - Updated: 2022-05-27
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE OpenStack Cloud Crowbar 9 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-ESPOS | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP3 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 9 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2022-1280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1280"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-05-27T00:00:00",
"last_revision_date": "2022-05-27T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-497",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221859-1 du 26 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221859-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221849-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221849-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221846-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221846-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221847-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221847-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221840-1 du 25 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221840-1/"
}
]
}
CERTFR-2022-AVI-519
Vulnerability from certfr_avis - Published: 2022-06-03 - Updated: 2022-06-03
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15-SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-33139",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33139"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-33155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33155"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-06-03T00:00:00",
"last_revision_date": "2022-06-03T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-519",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221923-1 du 02 juin 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221923-1/"
}
]
}
CERTFR-2022-AVI-480
Vulnerability from certfr_avis - Published: 2022-05-20 - Updated: 2022-05-20
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-BCL | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS | ||
| SUSE | N/A | SUSE CaaS Platform 4.0 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP1 | ||
| SUSE | N/A | SUSE Enterprise Storage 7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-BCL | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 15-SP2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP2-LTSS | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15-SP1-LTSS | ||
| SUSE | N/A | SUSE Enterprise Storage 6 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 15-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE CaaS Platform 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 15-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26388"
},
{
"name": "CVE-2021-26349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26349"
},
{
"name": "CVE-2021-26339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26339"
},
{
"name": "CVE-2021-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46744"
},
{
"name": "CVE-2021-26376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26376"
},
{
"name": "CVE-2021-0071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0071"
},
{
"name": "CVE-2021-26350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26350"
},
{
"name": "CVE-2021-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26347"
},
{
"name": "CVE-2021-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26364"
},
{
"name": "CVE-2021-33139",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33139"
},
{
"name": "CVE-2021-26312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26312"
},
{
"name": "CVE-2021-33155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33155"
},
{
"name": "CVE-2021-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26373"
},
{
"name": "CVE-2021-26375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26375"
},
{
"name": "CVE-2021-26348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26348"
},
{
"name": "CVE-2021-26342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26342"
},
{
"name": "CVE-2021-26378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26378"
},
{
"name": "CVE-2021-26372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26372"
}
],
"initial_release_date": "2022-05-20T00:00:00",
"last_revision_date": "2022-05-20T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-480",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20221751-1 du 19 mai 2022",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221751-1/"
}
]
}
FKIE_CVE-2021-26364
Vulnerability from fkie_nvd - Published: 2022-05-11 17:15 - Updated: 2024-11-21 05:56
Severity ?
Summary
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0094538-161A-4877-9247-EA6DD83C9E54",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16D55BEF-AFC8-45DC-9401-5DEF374E16C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5841138E-BDAC-4F59-9BC8-9313A49DBECB",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2E0AC0-8BDE-49F8-B067-DB03037921DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD73E1A-C4E6-4ECA-907C-99F84DBC7765",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92EBDDBF-37C2-4D09-B744-F78169B2C1C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1FB232-0930-4F05-A4EC-D06DBED8E54A",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "563708A3-7C51-4693-B02D-9A25A639FE42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A21B5752-F187-4BA9-94E8-C6525C7824A2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72C86198-0BD4-42E1-974B-70A49F82C411",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5EA931-ED74-4086-B9A9-9F1A9A359590",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B816918-6CCF-4010-AA16-7BF8A93AD7D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E603AC01-F362-4B2E-9A08-DF2C24A49DDD",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBBFDD3-A85D-43A3-AD67-D69E91C633B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F384C3-11D5-42EB-BF44-A6707358E063",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F187412-26C2-4D8C-9199-D7CCF49D6520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0A9A96-25CF-47AC-9AF3-96725B3863E4",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FC5683-F612-4586-8BA3-FB1F66D8868B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66D7E3EC-4358-4A82-807B-BBA7F03D5884",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7CB05E-C4F4-481F-AFB0-9288EBE6DB62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FA8E2F-2E73-47AD-B671-A952B9A4BFD6",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1540CCD-1ED8-4B4E-AD43-7DE2689D9A21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E62B278C-BF08-4CC2-A843-1888AEF37638",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "430C9955-0090-4166-8E90-D81C2AA7DE0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88713545-D2E4-47CC-8F5F-EAEE0CF53BF2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68ACF30E-62DD-4217-B7F0-4A0FFF47E8EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0E4971-594B-4D1E-AFD5-D6B8A8B8F8A8",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BBC687-5C3C-4843-A028-B8BE29D1E302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "576BF517-1021-48AA-A065-305A50F9645D",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDABE45-F529-453C-92DC-BF7747CEEC0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08B6DBC4-F298-45E1-90FF-A87AEA06810E",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC94B03B-A7FE-47AE-969D-FFEF278A7A9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C08067DB-AD49-4B3D-BCBB-A4C9A7D9E7F4",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6C7497-1B63-490F-B8EA-D9F3CB790952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73B1F0A4-655A-44B9-87C0-B8A8F95B2BE0",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDF8A1E-B259-43D0-A56C-8C2BB688A32C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDB2131-CDC3-463D-958F-0BF8D0FF5EA2",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6528-9100-41D2-88A2-FFEABAB8F86A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED75D47-160E-4E80-ADC6-4F84748231D5",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC99346-DBF1-4060-8E6B-35D315944ADA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D45F46F-A3C0-4FA4-BCB6-DD1A8DC0E190",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F4A126-B4A6-480A-9DD7-7F68714DFB49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D58BC1BF-AE51-4C78-8376-FF72F20A001D",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E25652AB-E243-4C40-BE12-AB53AF52CD61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97F3348B-8B30-4AB8-877B-F4B309EFEA1C",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87543FB4-658A-4300-9DC9-836AC1D4BCFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1577AC6-A05C-489D-8E2A-5F2F46E60F94",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B3C659-C31A-4F82-9587-9F8A943F637D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D58BC1BF-AE51-4C78-8376-FF72F20A001D",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E25652AB-E243-4C40-BE12-AB53AF52CD61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97F3348B-8B30-4AB8-877B-F4B309EFEA1C",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87543FB4-658A-4300-9DC9-836AC1D4BCFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1577AC6-A05C-489D-8E2A-5F2F46E60F94",
"versionEndExcluding": "romepi-sp3_1.0.0.d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B3C659-C31A-4F82-9587-9F8A943F637D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20F6AA60-E573-4034-BDCF-5C558DFB4BF5",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9000686A-DC2B-4561-9C32-E90890EB2EBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F1D942-1D5B-4C27-AE38-DF68F37A08E5",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2B13CA-72F4-4CF6-9E12-62E6E9056A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95329A7D-ED5A-40AE-AF5E-B053236DBF77",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A0A47B-74A1-4731-92A8-BC10FFE58ECF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DB1651-2E51-434E-810F-83428B648E7A",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2299ED50-B4D2-4BB3-AD87-56D552B84AE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "954923A7-7AAD-474E-919A-B17F11B01DA0",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D02B1C69-BAA4-485B-BE22-46BE321F9E4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25C6225-69FF-4772-84F7-F560AAE3617E",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F900BDD-F094-41A6-9A23-31F53DBA95D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "717EA494-B9B9-4092-811C-C51C6ECB4322",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D698D3E-BB05-4C65-90F4-8DAE275CD6A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F117E00-F3D5-4884-8A17-59D23837EC65",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DFCB62-6CDF-4AD2-9265-1887E5780CA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C499DD69-BE4B-4E43-B19C-C17E79947C51",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "789DECC1-7334-4252-8801-EE1269687F87",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA967C73-8108-4F41-BFFD-81946C02EB24",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF0AFED-588A-4EFB-8C90-9280BC3A6720",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F110B6-28BA-4A4C-8CF7-CB5BFD46D74F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8264DF4-47B4-4716-AE89-44AFA870D385",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB3E11E-F0DB-4A4E-BEED-7C24EEBF6271",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07E922F-C1AB-469C-A1C1-9F9E58332DFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C80207-0203-44EB-B8E4-DBDD53786CEB",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*",
"matchCriteriaId": "241E39FF-FE66-444C-A4C2-3D28C45341BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84545E6A-E759-479C-93B7-65B172789853",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D08121-DC57-47D7-8214-23A209F0AF08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D96D652C-BAC8-4975-BA8C-D4C0F707668F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1766FF1-77A9-4293-B826-F6A8FBD7AFBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E3DEC2-7F6B-4520-8A02-C12948E1C65F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678C5F58-8AE9-46FF-8F01-4CF394C87A2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E500-3840-428E-8B2B-A7FBB636F41F",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180B3002-B3C5-48B5-8322-5B64B237C5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB8E726E-ABB6-4A99-9834-CF16BA125598",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B9C24B-2C10-4826-A91B-E1C60665FBBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35815993-4C33-4039-8CB4-C60A955980AE",
"versionEndExcluding": "milanpi-sp3_1.0.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F98FF1A-3A2B-4CED-AEA2-9C4F2AC2D8C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n de l\u00edmites insuficiente en un registro del buz\u00f3n de la SMU podr\u00eda permitir a un atacante leer potencialmente fuera del rango de direcciones de la SRAM, lo que podr\u00eda resultar en un manejo de excepciones conllevando a una potencial denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-26364",
"lastModified": "2024-11-21T05:56:12.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-11T17:15:08.510",
"references": [
{
"source": "psirt@amd.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"sourceIdentifier": "psirt@amd.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-Q56V-Q98X-MC7H
Vulnerability from github – Published: 2022-05-12 00:01 – Updated: 2022-05-26 00:01
VLAI?
Details
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2021-26364"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-11T17:15:00Z",
"severity": "MODERATE"
},
"details": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"id": "GHSA-q56v-q98x-mc7h",
"modified": "2022-05-26T00:01:15Z",
"published": "2022-05-12T00:01:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26364"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…