CVE-2021-26312

Advisory lineage Upstream: 0 Downstream: 5

Downstream

SUSE-SU-2022:1751-1 SUSE-SU-2022:1840-1 SUSE-SU-2022:1846-1 SUSE-SU-2022:1847-1 SUSE-SU-2022:1923-1

Modified

Published: 16 Nov 2021, 17:55

Last modified:16 Sept 2024, 17:54

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.13% LOW

0% probability -0.01%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Nov 2021, 17:55

Published

Vulnerability first disclosed

16 Sept 2024, 17:54

Last Modified

Vulnerability information updated

Description

Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.13%• Percentile: 31%

Techniques & Countermeasures

CWE-668•Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
CWE-665•Improper Initialization
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

Affected Systems

amd•athlon™ series
various
amd•epyc_7232p_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7251_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7252_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7261_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7262_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7272_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7281_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7282_firmware
< romepi-sp3_1.0.0.c
amd•epyc_72f3_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7301_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7302_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7302p_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7313_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7313p_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7343_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7351_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7351p_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7352_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7371_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_73f3_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7401_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7402_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7402p_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7413_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7443_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7443p_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7451_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7452_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7453_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_74f3_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7501_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7502_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7502p_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7513_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7532_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7542_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7543_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7543p_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7551_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7551p_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7552_firmware
< romepi-sp3_1.0.0.c
amd•epyc_75f3_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7601_firmware
< naplespi-sp3_1.0.0.g
amd•epyc_7642_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7643_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7662_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7663_firmware
< milanpi-sp3_1.0.0.4
amd•epyc_7702_firmware
< romepi-sp3_1.0.0.c
amd•epyc_7702p_firmware
< romepi-sp3_1.0.0.c

Showing first 50 affected entries in server-rendered view.