CVE-2021-26377 | THREATINT

Description

Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.

PUBLISHED Reserved 2021-01-29 | Published 2025-09-06 | Updated 2025-09-08 | Assigner AMD

MEDIUM: 4.1CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-190 Integer Overflow or Wraparound

Product status

Default status

affected

CezannePI-FP6 1.0.0.8

unaffected

Default status

affected

CastlePeakPI-SP3r3 1.0.0.7

unaffected

Default status

affected

CastlePeakWSPI-sWRX8 1.0.0.9

unaffected

Default status

affected

CezannePI-FP6 1.0.0.8

unaffected

Default status

affected

ChagallWSPI-sWRX8 1.0.0.2

unaffected

Default status

affected

ComboAM4v2 PI 1.2.0.5

unaffected

Default status

affected

PicassoPI-FP5 1.0.0.E

unaffected

PollockPI-FT5 1.0.0.4

unaffected

Default status

affected

CezannePI-FP6 1.0.0.8

unaffected

Default status

affected

ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8

unaffected

Default status

affected

CezannePI-FP6 1.0.0.8

unaffected

Default status

affected

ComboAM4v2 PI 1.2.0.5

unaffected

Default status

affected

RenoirPI-FP6 1.0.0.8

unaffected

Default status

affected

ComboAM4 V2 PI 1.2.0.8

unaffected

Default status

affected

RembrandtPI-FP7_0.0.8.0 RC1

unaffected

Default status

affected

EmbeddedPI-FP5_1.2.0.A

unaffected

Default status

affected

EmbeddedR2KPI-FP5_1.0.0.2

unaffected

Default status

affected

EmbAM4PI 1.0.0.2

unaffected

Default status

affected

EmbeddedPI-FP5_1.2.0.A

unaffected

Default status

affected

EmbeddedPI-FP6_1.0.0.6

unaffected

Default status

affected

EmbeddedPI-FP7r2_1000

unaffected

Default status

affected

AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)

unaffected

AMD Software: PRO Edition 24.Q2 (24.10.20)

unaffected

Default status

affected

AMD Software: PRO Edition 24.Q2 (24.10.20)

unaffected

Default status

affected

AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)

unaffected

AMD Software: PRO Edition 24.Q2 (24.10.20)

unaffected

Default status

affected

AMD Software: PRO Edition 24.Q2 (24.10.20)

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-4012.html

www.amd.com/...es/product-security/bulletin/AMD-SB-6018.html

www.amd.com/...es/product-security/bulletin/AMD-SB-5007.html

cve.org (CVE-2021-26377)

nvd.nist.gov (CVE-2021-26377)

Download JSON