Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
437
VMScore

CVE-2021-26339

Published: 11/05/2022 Updated: 23/05/2022
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Amd

Vulnerability Summary

A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

amd epyc_7763_firmware

amd epyc_7713p_firmware

amd epyc_7713_firmware

amd epyc_7663_firmware

amd epyc_7643_firmware

amd epyc_75f3_firmware

amd epyc_7543p_firmware

amd epyc_7543_firmware

amd epyc_7513_firmware

amd epyc_7453_firmware

amd epyc_74f3_firmware

amd epyc_7443p_firmware

amd epyc_7443_firmware

amd epyc_7413_firmware

amd epyc_73f3_firmware

amd epyc_7343_firmware

amd epyc_7313p_firmware

amd epyc_7313_firmware

amd epyc_72f3_firmware

amd epyc_7773x_firmware

amd epyc_7473x_firmware

amd epyc_7573x_firmware

amd epyc_7373x_firmware

amd ryzen_7_5700g_firmware

amd ryzen_7_5700ge_firmware

amd ryzen_5_5700g_firmware

amd ryzen_5_5700ge_firmware

amd ryzen_3_5300g_firmware

amd ryzen_3_5300ge_firmware

amd ryzen_7_4700g_firmware

amd ryzen_7_4700ge_firmware

amd ryzen_5_4600g_firmware

amd ryzen_5_4600ge_firmware

amd ryzen_3_4300g_firmware

amd ryzen_3_4300ge_firmware

amd ryzen_threadripper_pro_3945wx_firmware

amd ryzen_threadripper_pro_3955wx_firmware -

amd ryzen_threadripper_pro_3975wx_firmware -

amd ryzen_threadripper_pro_3995wx_firmware -

amd ryzen_threadripper_pro_5945wx_firmware -

amd ryzen_threadripper_pro_5955wx_firmware -

amd ryzen_threadripper_pro_5965wx_firmware -

amd ryzen_threadripper_pro_5975wx_firmware -

amd ryzen_threadripper_pro_5995wx_firmware -

amd ryzen_3_2200u_firmware -

amd ryzen_3_2300u_firmware -

amd ryzen_3_pro_2300u_firmware -

amd ryzen_5_2500u_firmware -

amd ryzen_5_pro_2500u_firmware -

amd ryzen_5_2600h_firmware -

amd ryzen_7_2700u_firmware -

amd ryzen_7_pro_2700u_firmware -

amd ryzen_7_2800h_firmware -

amd ryzen_3_3300g_firmware -

amd ryzen_3_3300x_firmware -

amd ryzen_3_3100_firmware -

amd ryzen_3_pro_3300u_firmware -

amd ryzen_5_3400g_firmware -

amd ryzen_5_3450g_firmware -

amd ryzen_5_3600_firmware -

amd ryzen_5_3600x_firmware -

amd ryzen_5_pro_3500u_firmware -

amd ryzen_7_3700x_firmware -

amd ryzen_7_3800x_firmware -

amd ryzen_7_pro_3700u_firmware -

amd ryzen_9_5980hx_firmware

amd ryzen_9_5980hs_firmware

amd ryzen_7_5825u_firmware

amd ryzen_9_5900hx_firmware

amd ryzen_9_5900hs_firmware

amd ryzen_7_5825c_firmware

amd ryzen_7_5800h_firmware

amd ryzen_5_5625u_firmware

amd ryzen_7_5800hs_firmware

amd ryzen_5_5625c_firmware

amd ryzen_5_5600h_firmware

amd ryzen_5_5600hs_firmware

amd ryzen_7_5800u_firmware

amd ryzen_5_5600u_firmware

amd ryzen_5_5560u_firmware

amd ryzen_3_5425u_firmware

amd ryzen_3_5425c_firmware

amd ryzen_3_5400u_firmware

amd ryzen_3_5125c_firmware

Github Repositories

https://github.com/ep-infosec/50_google_silifuzz

SiliFuzz - Fuzzing CPUs by proxy What is SiliFuzz SiliFuzz is a system that finds CPU defects by fuzzing software proxies, like CPU simulators or disassemblers, and then executing the accumulated test inputs (known as the corpus) on actual CPUs on a large scale SiliFuzz is a work in progress, please refer to the paper for details Terminology Software fuzzing and coverage Fuzz

https://github.com/google/silifuzz

SiliFuzz - Fuzzing CPUs by proxy What is SiliFuzz SiliFuzz is a system that finds CPU defects by fuzzing software proxies, like CPU simulators or disassemblers, and then executing the accumulated test inputs (known as the corpus) on actual CPUs on a large scale SiliFuzz is a work in progress, please refer to the paper for details Terminology Software fuzzing and coverage Fuzz

References

NVD-CWE-noinfohttps://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028https://nvd.nist.govhttps://github.com/ep-infosec/50_google_silifuzz
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook