Epyc 7003 Firmware
CVE-2021-26336
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components.
AnalysisAI
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components. Affected products include: Amd Epyc 7003 Firmware, Amd Epyc 7002 Firmware, Amd Epyc 72F3 Firmware, Amd Epyc 7313 Firmware, Amd Epyc 7313P Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Epyc 7003 Firmware
View allImproper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW,
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resul
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value poten
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, po
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the b
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of inte
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential in
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated med
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today