Insufficient validation in parsing Owner's
Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization)
and SEV-ES user application can lead to a host crash potentially resulting in
denial of service.




No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00182.

Exploitation none

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
AMD Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4 unaffected
Version Status Constraints
various affected
AMD Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge” unaffected
Version Status Constraints
various affected
AMD Ryzen™ 3000 Series Desktop Processors “Matisse” AM4 unaffected
Version Status Constraints
various affected
AMD AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4 unaffected
Version Status Constraints
various affected
AMD 2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” unaffected
Version Status Constraints
various affected
AMD 3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT unaffected
Version Status Constraints
various affected
AMD Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS unaffected
Version Status Constraints
various affected
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP unaffected
Version Status Constraints
various affected
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock” unaffected
Version Status Constraints
various affected
AMD Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5 unaffected
Version Status Constraints
various affected
AMD Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso” unaffected
Version Status Constraints
various affected
AMD 1st Gen AMD EPYC™ Processors unaffected
Version Status Constraints
various affected
AMD 2nd Gen AMD EPYC™ Processors unaffected
Version Status Constraints
various affected

Configuration 1 [-]

AND
cpe:2.3:o:amd:epyc_7232p_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:amd:epyc_7252_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:amd:epyc_7262_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:amd:epyc_7272_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:amd:epyc_7282_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:amd:epyc_7302_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:amd:epyc_7302p_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:amd:epyc_7352_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:amd:epyc_7402_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:amd:epyc_7402p_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:amd:epyc_7452_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:amd:epyc_7502_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:amd:epyc_7502p_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:amd:epyc_7532_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:amd:epyc_7542_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:amd:epyc_7552_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:amd:epyc_7642_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:amd:epyc_7662_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:amd:epyc_7702_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:amd:epyc_7702p_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:amd:epyc_7742_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:amd:epyc_7f32_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:amd:epyc_7f52_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:amd:epyc_7f72_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:amd:epyc_7h12_firmware:romepi_1.0.0.a:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7h12:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:amd:epyc_7251_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7251:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:amd:epyc_7261_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7261:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:amd:epyc_7281_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7281:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:amd:epyc_7301_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7301:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:amd:epyc_7351_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:amd:epyc_7351p_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351p:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:amd:epyc_7371_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7371:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:amd:epyc_7401_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:amd:epyc_7401p_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401p:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND
cpe:2.3:o:amd:epyc_7451_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7451:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND
cpe:2.3:o:amd:epyc_7501_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7501:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND
cpe:2.3:o:amd:epyc_7551_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND
cpe:2.3:o:amd:epyc_7551p_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551p:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND
cpe:2.3:o:amd:epyc_7571_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7571:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND
cpe:2.3:o:amd:epyc_7601_firmware:naplespi_1.0.0.e:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7601:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Amd Subscribe
Epyc 7232p Subscribe
Epyc 7232p Firmware Subscribe
Epyc 7251 Subscribe
Epyc 7251 Firmware Subscribe
Epyc 7252 Subscribe
Epyc 7252 Firmware Subscribe
Epyc 7261 Subscribe
Epyc 7261 Firmware Subscribe
Epyc 7262 Subscribe
Epyc 7262 Firmware Subscribe
Epyc 7272 Subscribe
Epyc 7272 Firmware Subscribe
Epyc 7281 Subscribe
Epyc 7281 Firmware Subscribe
Epyc 7282 Subscribe
Epyc 7282 Firmware Subscribe
Epyc 7301 Subscribe
Epyc 7301 Firmware Subscribe
Epyc 7302 Subscribe
Epyc 7302 Firmware Subscribe
Epyc 7302p Subscribe
Epyc 7302p Firmware Subscribe
Epyc 7351 Subscribe
Epyc 7351 Firmware Subscribe
Epyc 7351p Subscribe
Epyc 7351p Firmware Subscribe
Epyc 7352 Subscribe
Epyc 7352 Firmware Subscribe
Epyc 7371 Subscribe
Epyc 7371 Firmware Subscribe
Epyc 7401 Subscribe
Epyc 7401 Firmware Subscribe
Epyc 7401p Subscribe
Epyc 7401p Firmware Subscribe
Epyc 7402 Subscribe
Epyc 7402 Firmware Subscribe
Epyc 7402p Subscribe
Epyc 7402p Firmware Subscribe
Epyc 7451 Subscribe
Epyc 7451 Firmware Subscribe
Epyc 7452 Subscribe
Epyc 7452 Firmware Subscribe
Epyc 7501 Subscribe
Epyc 7501 Firmware Subscribe
Epyc 7502 Subscribe
Epyc 7502 Firmware Subscribe
Epyc 7502p Subscribe
Epyc 7502p Firmware Subscribe
Epyc 7532 Subscribe
Epyc 7532 Firmware Subscribe
Epyc 7542 Subscribe
Epyc 7542 Firmware Subscribe
Epyc 7551 Subscribe
Epyc 7551 Firmware Subscribe
Epyc 7551p Subscribe
Epyc 7551p Firmware Subscribe
Epyc 7552 Subscribe
Epyc 7552 Firmware Subscribe
Epyc 7571 Subscribe
Epyc 7571 Firmware Subscribe
Epyc 7601 Subscribe
Epyc 7601 Firmware Subscribe
Epyc 7642 Subscribe
Epyc 7642 Firmware Subscribe
Epyc 7662 Subscribe
Epyc 7662 Firmware Subscribe
Epyc 7702 Subscribe
Epyc 7702 Firmware Subscribe
Epyc 7702p Subscribe
Epyc 7702p Firmware Subscribe
Epyc 7742 Subscribe
Epyc 7742 Firmware Subscribe
Epyc 7f32 Subscribe
Epyc 7f32 Firmware Subscribe
Epyc 7f52 Subscribe
Epyc 7f52 Firmware Subscribe
Epyc 7f72 Subscribe
Epyc 7f72 Firmware Subscribe
Epyc 7h12 Subscribe
Epyc 7h12 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2021-13212 Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) and SEV-ES user application can lead to a host crash potentially resulting in denial of service.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001 cve-icon cve-icon
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 cve-icon cve-icon
History

Tue, 28 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2025-01-28T15:44:16.511Z

Reserved: 2021-01-29T21:24:26.170Z

Link: CVE-2021-26406

cve-icon Vulnrichment

Updated: 2024-08-03T20:26:25.475Z

cve-icon NVD

Status : Modified

Published: 2023-05-09T19:15:10.943

Modified: 2025-01-28T16:15:30.307

Link: CVE-2021-26406

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses