Lucene search

[email protected]CVE-2021-26393

HistoryNov 09, 2022 - 9:15 p.m.

CVE-2021-26393

2022-11-0921:15:12

CWE-401

[email protected]

web.nvd.nist.gov

amd

secure processor

trusted execution environment

cve-2021-26393

memory cleanup

authenticated attacker

confidentiality

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality.

Affected configurations

NVD

Node

amdenterprise_driverRange<22.10.20

amdradeon_pro_softwareRange<22.q2enterprise

amdradeon_softwareRange<22.5.2

AND

amdradeon_pro_w5500Match-

amdradeon_pro_w5500xMatch-

amdradeon_pro_w5700Match-

amdradeon_pro_w5700xMatch-

amdradeon_pro_w6300mMatch-

amdradeon_pro_w6400Match-

amdradeon_pro_w6500mMatch-

amdradeon_pro_w6600Match-

amdradeon_pro_w6600mMatch-

amdradeon_pro_w6600xMatch-

amdradeon_pro_w6800Match-

amdradeon_pro_w6800xMatch-

amdradeon_pro_w6800x_duoMatch-

amdradeon_pro_w6900xMatch-

amdradeon_rx_5300Match-

amdradeon_rx_5300_xtMatch-

amdradeon_rx_5300mMatch-

amdradeon_rx_5500Match-

amdradeon_rx_5500_xtMatch-

amdradeon_rx_5500mMatch-

amdradeon_rx_5600Match-

amdradeon_rx_5600_xtMatch-

amdradeon_rx_5600mMatch-

amdradeon_rx_5700Match-

amdradeon_rx_5700_xtMatch-

amdradeon_rx_5700mMatch-

amdradeon_rx_6300mMatch-

amdradeon_rx_6400Match-

amdradeon_rx_6500_xtMatch-

amdradeon_rx_6500mMatch-

amdradeon_rx_6600Match-

amdradeon_rx_6600_xtMatch-

amdradeon_rx_6600mMatch-

amdradeon_rx_6600sMatch-

amdradeon_rx_6650_xtMatch-

amdradeon_rx_6650mMatch-

amdradeon_rx_6650m_xtMatch-

amdradeon_rx_6700Match-

amdradeon_rx_6700_xtMatch-

amdradeon_rx_6700mMatch-

amdradeon_rx_6700sMatch-

amdradeon_rx_6750_xtMatch-

amdradeon_rx_6800Match-

amdradeon_rx_6800_xtMatch-

amdradeon_rx_6800mMatch-

amdradeon_rx_6800sMatch-

amdradeon_rx_6850m_xtMatch-

amdradeon_rx_6900_xtMatch-

amdradeon_rx_6950_xtMatch-

Node

amdradeon_rx_vega_56_firmwareMatch-

AND

amdradeon_rx_vega_56Match-

Node

amdradeon_rx_vega_64_firmwareMatch-

AND

amdradeon_rx_vega_64Match-

Node

amdryzen_3_2200ge_firmwareMatch-

AND

amdryzen_3_2200geMatch-

Node

amdryzen_3_2200g_firmwareMatch-

AND

amdryzen_3_2200gMatch-

Node

amdryzen_5_2400ge_firmwareMatch-

AND

amdryzen_5_2400geMatch-

Node

amdryzen_5_2400g_firmwareMatch-

AND

amdryzen_5_2400gMatch-

Node

amdryzen_3_5300ge_firmwareMatch-

AND

amdryzen_3_5300geMatch-

Node

amdryzen_3_5300g_firmwareMatch-

AND

amdryzen_3_5300gMatch-

Node

amdryzen_5_5600ge_firmwareMatch-

AND

amdryzen_5_5600geMatch-

Node

amdryzen_5_5600g_firmwareMatch-

AND

amdryzen_5_5600gMatch-

Node

amdryzen_7_5700ge_firmwareMatch-

AND

amdryzen_7_5700geMatch-

Node

amdryzen_7_5700g_firmwareMatch-

AND

amdryzen_7_5700gMatch-

Node

amdathlon_silver_3050e_firmwareMatch-

AND

amdathlon_silver_3050eMatch-

Node

amdathlon_pro_3045b_firmwareMatch-

AND

amdathlon_pro_3045bMatch-

Node

amdathlon_silver_3050u_firmwareMatch-

AND

amdathlon_silver_3050uMatch-

Node

amdathlon_silver_3050c_firmwareMatch-

AND

amdathlon_silver_3050cMatch-

Node

amdathlon_pro_3145b_firmwareMatch-

AND

amdathlon_pro_3145bMatch-

Node

amdathlon_gold_3150u_firmwareMatch-

AND

amdathlon_gold_3150uMatch-

Node

amdathlon_gold_3150c_firmwareMatch-

AND

amdathlon_gold_3150cMatch-

Node

amdryzen_3_3250u_firmwareMatch-

AND

amdryzen_3_3250uMatch-

Node

amdryzen_3_3250c_firmwareMatch-

AND

amdryzen_3_3250cMatch-

Node

amdamd_3020e_firmwareMatch-

AND

amdamd_3020eMatch-

Node

amdamd_3015e_firmwareMatch-

AND

amdamd_3015eMatch-

Node

amdamd_3015ce_firmwareMatch-

AND

amdamd_3015ceMatch-

Node

amdryzen_3_2200u_firmwareMatch-

AND

amdryzen_3_2200uMatch-

Node

amdryzen_3_2300u_firmwareMatch-

AND

amdryzen_3_2300uMatch-

Node

amdryzen_5_2500u_firmwareMatch-

AND

amdryzen_5_2500uMatch-

Node

amdryzen_5_2600h_firmwareMatch-

AND

amdryzen_5_2600hMatch-

Node

amdryzen_7_2700u_firmwareMatch-

AND

amdryzen_7_2700uMatch-

Node

amdryzen_7_2800h_firmwareMatch-

AND

amdryzen_7_2800hMatch-

Node

amdryzen_3_3300u_firmwareMatch-

AND

amdryzen_3_3300uMatch-

Node

amdryzen_3_3350u_firmwareMatch-

AND

amdryzen_3_3350uMatch-

Node

amdryzen_5_3450u_firmwareMatch-

AND

amdryzen_5_3450uMatch-

Node

amdryzen_5_3500u_firmwareMatch-

AND

amdryzen_5_3500uMatch-

Node

amdryzen_5_3500c_firmwareMatch-

AND

amdryzen_5_3500cMatch-

Node

amdryzen_5_3550h_firmwareMatch-

AND

amdryzen_5_3550hMatch-

Node

amdryzen_5_3580u_firmwareMatch-

AND

amdryzen_5_3580uMatch-

Node

amdryzen_7_3700u_firmwareMatch-

AND

amdryzen_7_3700uMatch-

Node

amdryzen_7_3700c_firmwareMatch-

AND

amdryzen_7_3700cMatch-

Node

amdryzen_7_3750h_firmwareMatch-

AND

amdryzen_7_3750hMatch-

Node

amdryzen_7_3780u_firmwareMatch-

AND

amdryzen_7_3780uMatch-

Node

amdryzen_3_pro_3200ge_firmwareMatch-

AND

amdryzen_3_pro_3200geMatch-

Node

amdryzen_3_3200g_firmwareMatch-

AND

amdryzen_3_3200gMatch-

Node

amdryzen_3_pro_3200g_firmwareMatch-

AND

amdryzen_3_pro_3200gMatch-

Node

amdryzen_5_pro_3350ge_firmwareMatch-

AND

amdryzen_5_pro_3350geMatch-

Node

amdryzen_5_pro_3350g_firmwareMatch-

AND

amdryzen_5_pro_3350gMatch-

Node

amdryzen_5_pro_3400ge_firmwareMatch-

AND

amdryzen_5_pro_3400geMatch-

Node

amdryzen_5_pro_3400g_firmwareMatch-

AND

amdryzen_5_pro_3400gMatch-

Node

amdryzen_5_3400g_firmwareMatch-

AND

amdryzen_5_3400gMatch-

Node

amdryzen_3_5300u_firmwareMatch-

AND

amdryzen_3_5300uMatch-

Node

amdryzen_5_5500u_firmwareMatch-

AND

amdryzen_5_5500uMatch-

Node

amdryzen_7_5700u_firmwareMatch-

AND

amdryzen_7_5700uMatch-

Node

amdryzen_3_5400u_firmwareMatch-

AND

amdryzen_3_5400uMatch-

Node

amdryzen_5_5560u_firmwareMatch-

AND

amdryzen_5_5560uMatch-

Node

amdryzen_5_5600u_firmwareMatch-

AND

amdryzen_5_5600uMatch-

Node

amdryzen_5_5600h_firmwareMatch-

AND

amdryzen_5_5600hMatch-

Node

amdryzen_5_5600hs_firmwareMatch-

AND

amdryzen_5_5600hsMatch-

Node

amdryzen_7_5800u_firmwareMatch-

AND

amdryzen_7_5800uMatch-

Node

amdryzen_7_5800h_firmwareMatch-

AND

amdryzen_7_5800hMatch-

Node

amdryzen_7_5800hs_firmwareMatch-

AND

amdryzen_7_5800hsMatch-

Node

amdryzen_9_5900hs_firmwareMatch-

AND

amdryzen_9_5900hsMatch-

Node

amdryzen_9_5900hx_firmwareMatch-

AND

amdryzen_9_5900hxMatch-

Node

amdryzen_9_5980hs_firmwareMatch-

AND

amdryzen_9_5980hsMatch-

Node

amdryzen_9_5980hx_firmwareMatch-

AND

amdryzen_9_5980hxMatch-

CPENameOperatorVersion
amd:enterprise_driveramd enterprise driverlt22.10.20
amd:radeon_pro_softwareamd radeon pro softwarelt22.q2
amd:radeon_softwareamd radeon softwarelt22.5.2

CPE	Name	Operator	Version
amd:enterprise_driver	amd enterprise driver	lt	22.10.20
amd:radeon_pro_software	amd radeon pro software	lt	22.q2
amd:radeon_software	amd radeon software	lt	22.5.2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "AMD Radeon RX 5000 Series & PRO W5000 Series ",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "22.5.2",
        "status": "affected",
        "version": "AMD Radeon Software",
        "versionType": "custom"
      },
      {
        "lessThan": "22.Q2",
        "status": "affected",
        "version": "AMD Radeon Pro Software Enterprise",
        "versionType": "custom"
      },
      {
        "lessThan": "22.10.20",
        "status": "affected",
        "version": "Enterprise Driver",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AMD Radeon RX 6000 Series & PRO W6000 Series ",
    "vendor": "AMD",
    "versions": [
      {
        "lessThan": "22.5.2",
        "status": "affected",
        "version": "AMD Radeon Software",
        "versionType": "custom"
      },
      {
        "lessThan": "22.Q2",
        "status": "affected",
        "version": "AMD Radeon Pro Software Enterprise",
        "versionType": "custom"
      },
      {
        "lessThan": "22.10.20",
        "status": "affected",
        "version": "Enterprise Driver",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AMD Ryzen™ Embedded R1000",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AMD Ryzen™ Embedded R2000",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AMD Ryzen™ Embedded V1000",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AMD Ryzen™ Embedded V2000",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]