CVE-2021-39298

Summary

A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.

Affected Software

VendorProductVersion RangeStatus
AMD2nd Gen EPYCVariousaffected
AMD3rd Gen EPYCvariousaffected
AMDRyzen 2000 Seriesvariousaffected
AMDRyzen 3000 SeriesVariousaffected
AMDRyzen 5000 Seriesvariousaffected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

References