CVE-2021-39298
published 2022-02-16CVE-2021-39298: A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in…
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
Affected
188 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amd | 2nd_gen_epyc | — | — |
| amd | 3rd_gen_epyc | — | — |
| amd | ryzen_2000_series | — | — |
| amd | ryzen_3000_series | — | — |
| amd | ryzen_5000_series | — | — |
| hp | 260_g3_desktop_mini_pc_firmware | <= 2.17.00 | — |
| hp | elite_dragonfly_firmware | < 01.12.00 | 01.12.00 |
| hp | elite_dragonfly_g2_firmware | < 01.08.00 | 01.08.00 |
| hp | elite_dragonfly_max_firmware | < 01.08.00 | 01.08.00 |
| hp | elite_x2_1013_g3_firmware | < 01.19.00 | 01.19.00 |
| hp | elite_x2_g4_firmware | < 01.12.00 | 01.12.00 |
| hp | elite_x2_g8_tablet_firmware | < 01.08.00 | 01.08.00 |
| hp | elitebook_1050_g1_firmware | < 01.19.00 | 01.19.00 |
| hp | elitebook_830_g5_firmware | < 01.19.00 | 01.19.00 |
| hp | elitebook_830_g6_firmware | < 01.12.00 | 01.12.00 |
| hp | elitebook_830_g7_firmware | < 01.08.00 | 01.08.00 |
| hp | elitebook_830_g8_firmware | < 01.08.00 | 01.08.00 |
| hp | elitebook_836_g5_firmware | < 01.19.00 | 01.19.00 |
| hp | elitebook_836_g6_firmware | < 01.12.00 | 01.12.00 |
| hp | elitebook_840_aero_g8_firmware | < 01.08.00 | 01.08.00 |
| hp | elitebook_840_g5_firmware | < 01.19.00 | 01.19.00 |
| hp | elitebook_840_g5_healthcare_edition_firmware | < 01.19.00 | 01.19.00 |
| hp | elitebook_840_g6_firmware | < 01.12.00 | 01.12.00 |
| hp | elitebook_840_g6_healthcare_edition_firmware | < 01.12.00 | 01.12.00 |
| hp | elitebook_840_g7_firmware | < 01.08.00 | 01.08.00 |