CVE-2021-26387
published 2024-08-13CVE-2021-26387: Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions…
low3.9CVSS 3.1
AVLACHPRHUINSCCNILAL
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | amd_epyc_7001_series_processors | — | — |
| amd | amd_epyc_7002_series_processors | — | — |
| amd | amd_epyc_7003_series_processors | — | — |
| amd | amd_epyc_9004_series_processors | — | — |
| amd | amd_epyc_embedded_3000_series_processors | — | — |
| amd | amd_epyc_embedded_7002_series_processors | — | — |
| amd | amd_epyc_embedded_7003_series_processors | — | — |
| amd | amd_epyc_embedded_9003_series_processors | — | — |