CVE-2021-26397

Description

Insufficient address validation, may allow an attacker with a compromised ABL and UApp to corrupt sensitive memory locations potentially resulting in a loss of integrity or availability.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Affected products

AMD / 3rd Gen AMD EPYC™various – various

References

MISChttps://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001