Vulnerability Details : CVE-2021-26391
Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.
Products affected by CVE-2021-26391
- cpe:2.3:a:amd:radeon_software:*:*:*:*:*:*:*:*
- cpe:2.3:a:amd:radeon_pro_software:*:*:*:*:enterprise:*:*:*
- cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3_5300ge_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5560u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3_5300u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5_5500u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_7_5700u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:amd:enterprise_driver:*:*:*:*:*:*:*:*
- cpe:2.3:o:amd:radeon_rx_vega_56_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:amd:radeon_rx_vega_64_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-26391
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 12 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-26391
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2021-26391
-
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029
Access DeniedVendor Advisory
Jump to