CVE-2021-26356

CVSS V2 None CVSS V3 None

Description

A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.

Overview

CVE ID
CVE-2021-26356

Assigner
psirt@amd.com

Vulnerability Status
Awaiting Analysis

Published Version
2023-05-09T19:15:10

Last Modified Date
2023-05-09T20:27:45

References

Reference URL	Reference Tags
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2021-26356
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26356

History

Created	Old Value	New Value	Data Type	Notes
2023-05-09 21:00:55				Added to TrackCVE