Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
Permalink CVE-2021-26387
3.9 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
Insufficient access controls in ASP kernel may allow a privileged …

Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.

References

Affected products

PI
  • ==various
AMD EPYC™ 7002 Series Processors
  • ==various
AMD EPYC™ 7003 Series Processors
  • ==various
AMD EPYC™ 9004 Series Processors
  • ==various
AMD EPYC™ Embedded 3000 Series Processors
  • ==various
AMD EPYC™ Embedded 7002 Series Processors
  • ==various
AMD EPYC™ Embedded 7003 Series Processors
  • ==various
AMD EPYC™ Embedded 9003 Series Processors
  • ==various
AMD Ryzen™ 3000 Series Desktop Processors
  • ==ComboAM4PI 1.0.0.9
  • ==ComboAM4 V2 PI 1.2.0.8
AMD Ryzen™ 5000 Series Desktop Processors
  • ==ComboAM4 V2 PI 1.2.0.8
AMD Ryzen™ 7000 Series Desktop Processors
  • ==ComboAM5 1.0.8.0
AMD Ryzen™ Embedded 5000 Series Processors
  • ==EmbAM4PI 1.0.0.2
AMD Ryzen™ Embedded R1000 Series Processors
  • ==EmbeddedPI-FP5 1.2.0.A
AMD Ryzen™ Embedded R2000 Series Processors
  • ==EmbeddedR2KPI-FP5 1.0.0.2
AMD Ryzen™ Embedded V1000 Series Processors
  • ==EmbeddedPI-FP5 1.2.0.A
AMD Ryzen™ Embedded V2000 Series Processors
  • ==EmbeddedPI-FP6 1.0.0.6
AMD Ryzen™ Embedded V3000 Series Processors
  • ==EmbeddedPI-FP7r2 1.0.0.9
AMD Ryzen™ Threadripper™ PRO 5000WX Processors
  • ==ChagallWSPI-sWRX8 1.0.0.2
AMD Ryzen™ Threadripper™ 3000 Series Processors
  • ==CastlePeakPI-SP3r3 1.0.0.7
AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors
  • ==ChagallWSPI-sWRX8 1.0.0.2
  • ==CastlePeakWSPI-sWRX8 1.0.0.9
AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics
  • ==CezannePI-FP6 1.0.0.9
AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
  • ==CezannePI-FP6 1.0.0.9
AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics
  • ==RembrandtPI-FP7 1.0.0.9b
AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics
  • ==RembrandtPI-FP7 1.0.0.9b
AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
  • ==PicassoPI-FP5 1.0.0.E
AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
  • ==RenoirPI-FP6 1.0.0.8
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
  • ==ComboAM4v2 PI 1.2.0.6
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
  • ==CezannePI-FP6 1.0.0.9
  • ==CezannePI-FP6 1.0.0.9
AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics
  • ==ComboAM4v2 PI 1.2.0.5
AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
  • ==ComboAM4v2 PI 1.2.0.8
  • ==ComboAM4PI 1.0.0.9
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
  • ==PollockPI-FT5 1.0.0.4
  • ==PicassoPI-FP5 1.0.0.E

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

  • nixos-unstable -