VYPR
Unrated severityNVD Advisory· Published May 9, 2023· Updated Jan 28, 2025

CVE-2021-26406

CVE-2021-26406

Description

Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.

Affected products

15
  • AMD/SEV-ESllm-create
  • AMD/SEVllm-fuzzy
  • AMD/1st Gen AMD EPYC™ Processorsv5
    Range: various
  • AMD/2nd Gen AMD EPYC™ Processorsv5
    Range: various
  • AMD/2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax”v5
    Range: various
  • AMD/3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTv5
    Range: various
  • AMD/AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4v5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPv5
    Range: various
  • AMD/Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”v5
    Range: various
  • AMD/Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge”v5
    Range: various
  • AMD/Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4v5
    Range: various
  • AMD/Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5v5
    Range: various
  • AMD/Ryzen™ 3000 Series Desktop Processors “Matisse” AM4v5
    Range: various
  • AMD/Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”v5
    Range: various
  • AMD/Ryzen™ Threadripper™ PRO Processors “Castle Peak” WSv5
    Range: various

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.