CVE-2021-39298
N/A
N/A
Summary
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | 2nd Gen EPYC | Various | affected |
| AMD | 3rd Gen EPYC | various | affected |
| AMD | Ryzen 2000 Series | various | affected |
| AMD | Ryzen 3000 Series | Various | affected |
| AMD | Ryzen 5000 Series | various | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.