Epyc 7232P Firmware
CVE-2021-26325
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service.
AnalysisAI
Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Insufficient input validation in the SNP_GUEST_REQUEST command may lead to a potential data abort error and a denial of service. Affected products include: Amd Epyc 7232P Firmware, Amd Epyc 7763 Firmware, Amd Epyc 7713P Firmware, Amd Epyc 7713 Firmware, Amd Epyc 7663 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Epyc 7232P Firmware
View allImproper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-b
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access s
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to fl
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity. Rated high se
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. Rated high severity (CVSS 7.8)
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an inva
An attacker with a compromised ASP could possibly send malformed commands to an ASP on another CPU, resulting in an out
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value poten
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control table
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today