{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-26346","assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","state":"PUBLISHED","assignerShortName":"AMD","dateReserved":"2021-01-29T21:24:26.146Z","datePublished":"2023-01-10T19:50:24.146Z","dateUpdated":"2025-04-09T15:14:19.086Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","packageName":"AGESA","platforms":["x86"],"product":"Ryzen 5000 Series","vendor":" AMD","versions":[{"status":"affected","version":"various "}]}],"datePublic":"2023-01-10T17:30:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."}],"value":"Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service."}],"providerMetadata":{"orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD","dateUpdated":"2023-01-11T07:01:59.843Z"},"references":[{"url":"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031"}],"source":{"advisory":"AMD-SB-1031","discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T20:26:24.647Z"},"title":"CVE Program Container","references":[{"url":"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1031","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-190","lang":"en","description":"CWE-190 Integer Overflow or Wraparound"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-09T15:14:14.715212Z","id":"CVE-2021-26346","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-09T15:14:19.086Z"}}]}}