CVE-2021-26404

{"id": "CVE-2021-26404", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-01-11T08:15:11.647", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure.\n"}], "lastModified": "2023-11-07T03:31:44.523", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F43FE6B-1CE0-4C93-B457-385D60D0BC7E", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7003:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C912AA31-FB2D-4BD9-B1BD-3C8D7EEE771C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CED4A938-7B21-4DBE-945E-04FD76712CDD", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B02B61B7-7DD3-4164-8D32-EB961E981BC9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35BC64A9-A82B-4D1A-A070-541F429632FD", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9000686A-DC2B-4561-9C32-E90890EB2EBA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2909C50-60B7-45A4-A597-B9B13A3136C6", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71B9C24B-2C10-4826-A91B-E1C60665FBBE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C5F5AAD-06AB-4AE2-ADDF-C704278B1E63", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "180B3002-B3C5-48B5-8322-5B64B237C5B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B13FA57-6D07-4461-B40C-227977EFB67F", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "678C5F58-8AE9-46FF-8F01-4CF394C87A2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D45D2D3-EACD-40A7-A2E4-3E4918C1AAFE", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1766FF1-77A9-4293-B826-F6A8FBD7AFBF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9BBB5C7-942A-4B1D-9219-7D158D6B65E3", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C474537-3006-41BA-8C3D-5C370E3ACECD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EA98910-C8B0-4449-A3AD-5C2356C917A8", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E2B13CA-72F4-4CF6-9E12-62E6E9056A14"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A92937F-8BB5-4D63-A589-58BF847F06CA", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "241E39FF-FE66-444C-A4C2-3D28C45341BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80D9BAD4-AA85-45C6-9246-089D8C4FB30F", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D07E922F-C1AB-469C-A1C1-9F9E58332DFC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BB76635-870C-4304-B435-FFCD671FA882", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02D08121-DC57-47D7-8214-23A209F0AF08"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C0B8817-B424-4F8C-B6A0-8305C6317A65", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8264DF4-47B4-4716-AE89-44AFA870D385"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "661AC564-7A60-4E10-ADC3-964A04FBA896", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52544912-FAA3-4025-A5FD-151B21CEC53B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B7EB27B-1963-4057-9088-CBC6FBCD91F6", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77A0A47B-74A1-4731-92A8-BC10FFE58ECF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B8ED95C-4703-4C83-B787-096FB2730CCA", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2499FB92-B422-4E92-960B-FB67B4C8108F", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69C1BF26-EE53-4D48-A4CB-FB04E3DE6697", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBF0AFED-588A-4EFB-8C90-9280BC3A6720"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52B04F08-3447-4686-A965-65F8C7C64696", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7DFCB62-6CDF-4AD2-9265-1887E5780CA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F45D168-7370-454E-AA01-66A5F418AAFA", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D698D3E-BB05-4C65-90F4-8DAE275CD6A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B612010-419B-4F5C-8B00-C5BCE6B20EE3", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2299ED50-B4D2-4BB3-AD87-56D552B84AE1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "964257EB-311C-4323-AE2C-4BD97FB21798", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F900BDD-F094-41A6-9A23-31F53DBA95D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "816CE49A-4C18-4834-883B-2F19644C831D", "versionEndExcluding": "milanpi-sp3_1.0.0.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D02B1C69-BAA4-485B-BE22-46BE321F9E4E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@amd.com"}