Vulnerability-Lookup

WID-SEC-W-2026-0381

Vulnerability from csaf_certbund - Published: 2026-02-10 23:00 - Updated: 2026-06-16 22:00

Summary

AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Prozessoren sind die zentralen Rechenwerke eines Computers.

Angriff: Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuführen, sich erhöhte Berechtigungen zu verschaffen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.

Betroffene Betriebssysteme: - BIOS/Firmware - Hardware Appliance - Sonstiges

CVE-2021-26381

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-26410

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-46747

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2023-20540

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21953

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21961

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36310

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36311

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36355

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0012

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0026

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0029

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0031

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0045

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29939

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29946

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29948

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29949

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29950

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29951

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29952

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48509

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-485142

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48515

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48517

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52533

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-525331

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52534

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52536

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-54514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

References

9 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.amd.com/en/resources/product-security…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://support.hp.com/de-de/document/ish_1406752…	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/de-de/00039867…	external
https://www.dell.com/support/kbdoc/en-us/00042670…	external
https://support.hp.com/de-de/document/ish_1514274…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Berechtigungen zu verschaffen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware\n- Hardware Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0381 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0381.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0381 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0381"
      },
      {
        "category": "external",
        "summary": "AMD Athlon and AMD Ryzen Processor Vulnerabilities \u2013 February 2026 vom 2026-02-10",
        "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4013.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04999 vom 2026-02-10",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04999en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04090 vom 2025-12-05",
        "url": "https://support.hp.com/de-de/document/ish_14067521-14067543-16/HPSBHF04090"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-210698 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-210698"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-016 vom 2026-02-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000398671/dsa-2026-016"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-026 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/en-us/000426703/dsa-2026-026-security-update-for-dell-amd-based-poweredge-server-vulnerability"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04127 vom 2026-06-12",
        "url": "https://support.hp.com/de-de/document/ish_15142748-15143245-16/HPSBHF04127"
      }
    ],
    "source_lang": "en-US",
    "title": "AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T09:10:31.386+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0381",
      "initial_release_date": "2026-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-209862"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "4",
          "summary": "Referenz(en) aufgenommen: EUVD-2021-34843"
        },
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "EPYC",
                "product": {
                  "name": "AMD Prozessor EPYC",
                  "product_id": "T050793",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "EPYC Embedded",
                "product": {
                  "name": "AMD Prozessor EPYC Embedded",
                  "product_id": "T050794",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc_embedded"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Athlon",
                "product": {
                  "name": "AMD Prozessor Athlon",
                  "product_id": "T050795",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:athlon"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Ryzen",
                "product": {
                  "name": "AMD Prozessor Ryzen",
                  "product_id": "T050796",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:ryzen"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Prozessor"
          }
        ],
        "category": "vendor",
        "name": "AMD"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T043182",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T028211",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T030989",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE ProLiant",
            "product": {
              "name": "HPE ProLiant",
              "product_id": "T009310",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:proliant:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26381",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26381"
    },
    {
      "cve": "CVE-2021-26410",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26410"
    },
    {
      "cve": "CVE-2021-46747",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-46747"
    },
    {
      "cve": "CVE-2023-20540",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20540"
    },
    {
      "cve": "CVE-2024-21953",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21953"
    },
    {
      "cve": "CVE-2024-21961",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21961"
    },
    {
      "cve": "CVE-2024-36310",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36310"
    },
    {
      "cve": "CVE-2024-36311",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36311"
    },
    {
      "cve": "CVE-2024-36355",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36355"
    },
    {
      "cve": "CVE-2025-0012",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0012"
    },
    {
      "cve": "CVE-2025-0026",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0026"
    },
    {
      "cve": "CVE-2025-0029",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0029"
    },
    {
      "cve": "CVE-2025-0031",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0031"
    },
    {
      "cve": "CVE-2025-0045",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0045"
    },
    {
      "cve": "CVE-2025-29939",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29939"
    },
    {
      "cve": "CVE-2025-29946",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29946"
    },
    {
      "cve": "CVE-2025-29948",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29948"
    },
    {
      "cve": "CVE-2025-29949",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29949"
    },
    {
      "cve": "CVE-2025-29950",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29950"
    },
    {
      "cve": "CVE-2025-29951",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29951"
    },
    {
      "cve": "CVE-2025-29952",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29952"
    },
    {
      "cve": "CVE-2025-48509",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48509"
    },
    {
      "cve": "CVE-2025-48514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48514"
    },
    {
      "cve": "CVE-2025-485142",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-485142"
    },
    {
      "cve": "CVE-2025-48515",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48515"
    },
    {
      "cve": "CVE-2025-48517",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48517"
    },
    {
      "cve": "CVE-2025-52533",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52533"
    },
    {
      "cve": "CVE-2025-525331",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-525331"
    },
    {
      "cve": "CVE-2025-52534",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52534"
    },
    {
      "cve": "CVE-2025-52536",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52536"
    },
    {
      "cve": "CVE-2025-54514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-54514"
    }
  ]
}

CVE-2021-26381 (GCVE-0-2021-26381)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:47 – Updated: 2026-02-26 14:44

Summary

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.

Severity

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

22 products

Vendor	Product	Version
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.2/ CastlePeakWSPI-sWRX8 1.0.0.9
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.1
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5 1.0.0.E
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.8
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4 V2 PI 1.2.0.8
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5 1.2.0.A
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1.0.0.2
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5 1.2.0.A
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: 120A
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.6
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_0080
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact Your AMD Customer Engineering Represenatative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact Your AMD Customer Engineering Represenatative

Date Public

2026-02-11 14:10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-26381",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T04:56:50.339235Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:28.708Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.2/ CastlePeakWSPI-sWRX8 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "120A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_0080"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.4.1 (24.30.31.08), AMD Software: PRO Edition 25.Q2(25.10.10)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact Your AMD Customer Engineering Represenatative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact Your AMD Customer Engineering Represenatative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-11T14:10:05.596Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption.\u003cbr\u003e"
            }
          ],
          "value": "Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770  Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T14:11:54.692Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26381",
    "datePublished": "2026-02-10T19:47:26.356Z",
    "dateReserved": "2021-01-29T21:24:26.159Z",
    "dateUpdated": "2026-02-26T14:44:28.708Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-26410 (GCVE-0-2021-26410)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:48 – Updated: 2026-02-12 14:12

Summary

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.

Severity

1.8 (Low)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-822 - Untrusted Pointer Dereference

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

17 products

Vendor	Product	Version
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2 PI 1.2.0.5+ iGPU Driver Update
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.8
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.8
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2 PI 1.2.0.5
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.6
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_1.0.0.0
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative

Date Public

2026-02-12 14:11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-26410",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T20:50:03.494468Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T20:50:34.974Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5+ iGPU Driver Update"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_1.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10), Radeon Software For Linux (25.10.1)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T14:11:22.042Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. \u003cbr\u003e"
            }
          ],
          "value": "Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 1.8,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-822",
              "description": "CWE-822  Untrusted Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T14:12:04.201Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26410",
    "datePublished": "2026-02-10T19:48:36.645Z",
    "dateReserved": "2021-01-29T21:24:26.172Z",
    "dateUpdated": "2026-02-12T14:12:04.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-46747 (GCVE-0-2021-46747)

Vulnerability from cvelistv5 – Published: 2026-06-01 19:01 – Updated: 2026-06-02 13:45

Summary

Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures leading to a potential escalation of privileges.

Severity

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-1220 - Insufficient Granularity of Access Control

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

27 products

Vendor	Product	Version
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5 1.0.0.E
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors	Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9 Unaffected: ChagallWSPI-sWRX8 1.0.0.2
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2 PI 1.2.0.6
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.1
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.8
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5 1.0.0.E
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.9
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4PI 1.0.0.9/ComboAM4 V2 PI 1.2.0.8
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2 PI 1.2.0.8
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.0.9
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2 PI 1.2.0.6
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4 V2 PI 1.2.0.8
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedPI-FP5_1002
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1.0.0.2
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: EmbeddedPI-FP5_1.2.0.A
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.6
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_0080
AMD	AMD Radeon™ RX 5000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)
AMD	AMD Radeon™ PRO W5000 Series Graphics Products	Unaffected: AMD Software: PRO Edition 25.Q3.1 (25.10.32)
AMD	AMD Radeon™ RX 6000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)
AMD	AMD Radeon™ RX 7000 Series Graphics Products	Unaffected: AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)
AMD	AMD Radeon™ PRO W6000 Series Graphics Products	Unaffected: AMD Software: PRO Edition 25.Q3.1 (25.10.32)
AMD	AMD Radeon™ PRO W7000 Series Graphics Products	Unaffected: AMD Software: PRO Edition 25.Q3.1 (25.10.32)
AMD	AMD Radeon™ PRO V520	Unaffected: Contact your AMD Customer Engineering representative
AMD	AMD Radeon™ PRO V620	Unaffected: Contact your AMD Customer Engineering representative

Date Public

2026-06-01 18:56

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-02T03:56:08.958235Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-02T13:45:20.545Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
            },
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4PI 1.0.0.9/ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2 PI 1.2.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4 V2 PI 1.2.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1002"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5_1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_0080"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 25.Q3.1 (25.10.32)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.11.1 (25.10.33.03)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 25.Q3.1 (25.10.32)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 25.Q3.1 (25.10.32)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-06-01T18:56:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures leading to a potential escalation of privileges. \u003cbr\u003e"
            }
          ],
          "value": "Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures leading to a potential escalation of privileges."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1220",
              "description": "CWE-1220  Insufficient Granularity of Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-01T19:01:27.968Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-46747",
    "datePublished": "2026-06-01T19:01:27.968Z",
    "dateReserved": "2022-03-31T16:50:27.864Z",
    "dateUpdated": "2026-06-02T13:45:20.545Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-21953 (GCVE-0-2024-21953)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:11 – Updated: 2026-02-10 21:00

Summary

Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.

Severity

5.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-1284 - Improper Validation of Specified Quantity in Input

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

3 products

Vendor	Product	Version
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.F
AMD	AMD EPYC™ 8004 Series Processors	Unaffected: GenoaPI 1.0.0.F
AMD	AMD EPYC™ Embedded 9004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.B

Date Public

2026-02-10 19:05

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T21:00:30.463742Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T21:00:57.491Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:05:49.011Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284  Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:11:17.966Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/Emb-Auto.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-21953",
    "datePublished": "2026-02-10T19:11:17.966Z",
    "dateReserved": "2024-01-03T16:43:26.977Z",
    "dateUpdated": "2026-02-10T21:00:57.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-21961 (GCVE-0-2024-21961)

Vulnerability from cvelistv5 – Published: 2026-02-12 23:45 – Updated: 2026-02-13 13:19

Summary

Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability.

Severity

6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

22 products

Vendor	Product	Version
AMD	AMD EPYC™ 7002 Series Processors	Unaffected: No Fix Planned
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: Errata #1526
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: Errata #1526
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: Errata #1526
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: Errata #1526
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: Errata #1526
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	Unaffected: Errata #1526
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: Errata #1526
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: Errata #1165,1166,1526
AMD	AMD Ryzen™ Z2 Series Processors	Unaffected: Errata #1526
AMD	AMD EPYC™ Embedded 7002 Series Processors	Unaffected: No fix planned
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: No fix planned
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: No fix planned
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: No fix planned
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: No fix planned
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: No fix planned

Date Public

2026-02-12 23:44

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21961",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-13T13:19:28.708244Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-13T13:19:41.189Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No Fix Planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1165,1166,1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z2 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Errata #1526"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "No fix planned"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T23:44:41.036Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper restriction of operations within the bounds of a memory buffer in PCIe\u00ae Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability.\u003cbr\u003e"
            }
          ],
          "value": "Improper restriction of operations within the bounds of a memory buffer in PCIe\u00ae Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119  Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T23:45:09.575Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-21961",
    "datePublished": "2026-02-12T23:45:09.575Z",
    "dateReserved": "2024-01-03T16:43:26.978Z",
    "dateUpdated": "2026-02-13T13:19:41.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36310 (GCVE-0-2024-36310)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:24 – Updated: 2026-02-10 21:26

Summary

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.

Severity

4.6 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-124 - Buffer Underwrite ('Buffer Underflow')

Assigner

AMD

References

3 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

18 products

Vendor	Product	Version
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.F
AMD	AMD EPYC™ 9005 Series Processors	Unaffected: TurinPI 1.0.0.4
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	Unaffected: RembrandtPI-FP7_1.0.0.BD
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.0c
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: MendocinoPI-FT6_1.0.0.7c
AMD	AMD Ryzen™ 9000HX Series Mobile Processors	Unaffected: FireRangeFL1PI 1.0.0.0a
AMD	AMD Ryzen™ AI Max 300 Series Processors	Unaffected: StrixHaloPI-FP11_1.0.0.1
AMD	AMD Ryzen™ AI 300 Series Processors	Unaffected: StrixKrackanPI-FP8_1.1.0.0b
AMD	AMD Ryzen™ Threadripper™ 7000 Processors	Unaffected: StormPeakPI-SP6_1.1.0.0j
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	Unaffected: StormPeakPI-SP6_1.0.0.1l Unaffected: StormPeakPI-SP6_1.1.0.0j
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: ComboAM5 1.1.0.3d Unaffected: ComboAM5 1.2.0.3d
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: ComboAM5 1.2.0.3d
AMD	Not public	Unaffected: ComboAM5 1.2.0.3d
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.0c
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics	Unaffected: RembrandtPI-FP7_1.0.0.BD
AMD	AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")	Unaffected: EmbGenoaPI-SP5 1.0.0.B
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: EmbeddedPhoenixPI-FP7r2_1.0.0.2
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: Embedded-PI_FP7r2 100F

Date Public

2026-02-10 19:44

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36310",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T21:26:39.317809Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T21:26:51.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "TurinPI 1.0.0.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6_1.0.0.7c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "FireRangeFL1PI 1.0.0.0a"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StrixHaloPI-FP11_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StrixKrackanPI-FP8_1.1.0.0b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6_1.1.0.0j"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6_1.0.0.1l"
            },
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6_1.1.0.0j"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.3d"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Not public",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PI_FP7r2 100F"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:44:18.322Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-124",
              "description": "CWE-124  Buffer Underwrite (\u0027Buffer Underflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:56:05.765Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/Emb-Auto.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36310",
    "datePublished": "2026-02-10T19:24:21.681Z",
    "dateReserved": "2024-05-23T19:44:32.296Z",
    "dateUpdated": "2026-02-10T21:26:51.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36311 (GCVE-0-2024-36311)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:50 – Updated: 2026-02-10 20:43

Summary

A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.

Severity

4.6 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

6 products

Vendor	Product	Version
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: DragonRangeFL1PI 1.0.0.3h
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: ComboAM5PI 1.0.0.b Unaffected: ComboAM5PI 1.1.0.3d Unaffected: ComboAM5PI 1.2.0.3d
AMD	AMD Ryzen™ 9000HX Series Mobile Processors	Unaffected: FireRangeFL1PI 1.0.0.0a
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: ComboAM5PI 1.1.0.3d Unaffected: ComboAM5PI 1.2.0.3d
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: ComboAM5PI 1.2.0.3d
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: EmbeddedAM5PI 1.0.0.4

Date Public

2026-02-10 19:43

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36311",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T20:42:21.238394Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T20:43:15.862Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1PI 1.0.0.3h"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.0.0.b"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.1.0.3d"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "FireRangeFL1PI 1.0.0.0a"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.1.0.3d"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.4\u200b"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:43:52.149Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.\u003cbr\u003e"
            }
          ],
          "value": "A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367  Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:50:06.871Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36311",
    "datePublished": "2026-02-10T19:50:06.871Z",
    "dateReserved": "2024-05-23T19:44:32.296Z",
    "dateUpdated": "2026-02-10T20:43:15.862Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36355 (GCVE-0-2024-36355)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:28 – Updated: 2026-02-26 14:44

Summary

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

Severity

7 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

36 products

Vendor	Product	Version
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.E
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8-1.0.0.B
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6_1.0.1.1b
AMD	AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors	Unaffected: CastlePeakWSPI-sWRX8 1.0.0.G Unaffected: ChagallWSPI-sWRX8-1.0.0.B
AMD	AMD Ryzen™ Z1 Series Processors	Unaffected: ComboAM5 1.1.0.3c / ComboAM5 1.2.0.3d
AMD	AMD Ryzen™ 9000 Series Desktop Processors	Unaffected: ComboAM5 1.2.0.3d
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: ComboAM5 1.2.0.3d Unaffected: ComboAM5 1.1.0.3c Unaffected: ComboAM5PI 1.0.0.E
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5_1.0.1.2c
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2PI 1.2.0.10
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4PI 1.0.0.10 Unaffected: ComboAM4v2PI 1.2.0.10
AMD	AMD Ryzen™ 8000 Series Desktop Processors	Unaffected: ComboAM5 1.1.0.3c
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.0c
AMD	AMD Ryzen™ Threadripper™ 7000 processor	Unaffected: StormPeakPI-SP6 1.1.0.0i
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series processors	Unaffected: StormPeakPI-SP6 1.0.0.1k / StormPeakPI-SP6 1.1.0.0i
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.0c
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6 1.0.0.Eb
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	Unaffected: RembrandtPI-FP7_1.0.0.Bb
AMD	AMD Ryzen™ 8000 Series Desktop	Unaffected: ComboAM5 1.2.0.3d
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: MendocinoPI-FT6_1.0.0.7b
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	Unaffected: DragonRangeFL1_1.0.0.3g
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5_1.0.1.2c
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2PI 1.2.0.10
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4v2PI 1.2.0.10
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	Unaffected: StormPeakPI-SP6 1.1.0.0i
AMD	AMD Ryzen™ Z2 Series Processors	Unaffected: PhoenixPI-FP8-FP7_1.2.0.0c
AMD	AMD Ryzen™ Z2 Series Processors Go	Unaffected: RembrandtPI-FP7_1.0.0.Bb
AMD	AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")	Unaffected: EmbGenoaPI-SP5 1.0.0.B
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5 1211
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5 1006
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1008
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: EmbeddedAM5PI 1.0.0.4
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5 1211
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")	Unaffected: EmbeddedPI-FP5 1211
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.B
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: Embedded-PI_FP7r2 100F
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: EmbeddedPhoenixPI-FP7r2_1.0.0.2

Date Public

2026-02-12 17:47

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T04:56:52.747594Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:29.203Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8-1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8 1.0.0.G"
            },
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8-1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z1 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.3c / ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.3c"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.10"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4PI 1.0.0.10"
            },
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.10"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.3c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.1.0.0i"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.0.0.1k / StormPeakPI-SP6 1.1.0.0i"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.Eb"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.Bb"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.2.0.3d"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6_1.0.0.7b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1_1.0.0.3g"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.10"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.10"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.1.0.0i"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z2 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Z2 Series Processors Go",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.Bb"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5 1006"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1008"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.4\u200b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PI_FP7r2 100F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-12T17:47:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:49:05.987Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36355",
    "datePublished": "2026-02-10T19:28:04.884Z",
    "dateReserved": "2024-05-23T19:44:50.001Z",
    "dateUpdated": "2026-02-26T14:44:29.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-0012 (GCVE-0-2025-0012)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:12 – Updated: 2026-02-10 20:57

Summary

Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.

Severity

6.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

2 products

Vendor	Product	Version
AMD	AMD EPYC™ 9005 Series Processors	Unaffected: 0x0B002147
AMD	AMD EPYC™ Embedded 9005 Series Processors	Unaffected: EmbTurinPI-SP5_1.0.0.0

Date Public

2026-02-10 19:05

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0012",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T20:55:55.258601Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T20:57:16.835Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "0x0B002147"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbTurinPI-SP5_1.0.0.0"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:05:57.961Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.\u003cbr\u003e"
            }
          ],
          "value": "Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1260",
              "description": "CWE-1260  Improper Handling of Overlap Between Protected Memory Ranges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:12:24.892Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-0012",
    "datePublished": "2026-02-10T19:12:24.892Z",
    "dateReserved": "2024-10-10T20:27:48.525Z",
    "dateUpdated": "2026-02-10T20:57:16.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-0381

CVE-2021-26381 (GCVE-0-2021-26381)

CVE-2021-26410 (GCVE-0-2021-26410)

CVE-2021-46747 (GCVE-0-2021-46747)

CVE-2024-21953 (GCVE-0-2024-21953)

CVE-2024-21961 (GCVE-0-2024-21961)

CVE-2024-36310 (GCVE-0-2024-36310)

CVE-2024-36311 (GCVE-0-2024-36311)

CVE-2024-36355 (GCVE-0-2024-36355)

CVE-2025-0012 (GCVE-0-2025-0012)

Tags

Sightings

Nomenclature