CVE-2021-26363Resource Exposure in AMD Athlon Series

CWE-668Resource Exposure3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 83.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
AMD Athlon SeriesAMD Ryzen Series
Timeline
PublishedMay 12
Latest updateMay 13

Description

A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area, potentially leading to data exposure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 1.8 | Impact: 2.5

Affected Packages2 packages

CVEListV5amd/ryzen_seriesvarious
CVEListV5amd/athlon_seriesvarious

🔴Vulnerability Details

2
GHSA
GHSA-v2rv-5w2r-qqhg: A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area,2022-05-13
CVEList
CVE-2021-26363: A malicious or compromised UApp or ABL could potentially change the value that the ASP uses for its reserved DRAM, to one outside of the fenced area,2022-05-12
CVE-2021-26363 — Resource Exposure in AMD Athlon Series | cvebase