cbcvebase.
CVE-2021-26316
published 2023-01-11

CVE-2021-26316: Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

Affected

56 ranges· showing 25
VendorProductVersion rangeFixed in
amd1st_gen_epyc
amd2nd_gen_epyc
amd3rd_gen_epyc
amdepyc_7002_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7003_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7232p_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7252_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7262_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7272_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7282_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_72f3_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7302_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7302p_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7313_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7313p_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7343_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7352_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7373x_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_73f3_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7402_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7402p_firmware< romepi_1.0.0.dromepi_1.0.0.d
amdepyc_7413_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7443_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7443p_firmware< milanpi-sp3_1.0.0.8milanpi-sp3_1.0.0.8
amdepyc_7452_firmware< romepi_1.0.0.dromepi_1.0.0.d