What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2021-26332.

What is the severity of CVE-2021-26332?

The severity of CVE-2021-26332 is high with a severity value of 7.1.

What is the affected software for CVE-2021-26332?

The affected software for CVE-2021-26332 includes Amd Epyc 7763 Firmware (up to exclusive version milanpi-sp3_1.0.0.4), Amd Epyc 7713p Firmware (up to exclusive version milanpi-sp3_1.0.0.4), and other related versions.

What is the potential impact of CVE-2021-26332?

The potential impact of CVE-2021-26332 is a potential loss of integrity or availability.

Where can I find more information about CVE-2021-26332?

You can find more information about CVE-2021-26332 on the AMD product security website.

Vulnerability/
CVE-2021-26332

high

7.1

10/5/2022

16/9/2024

CVE-2021-26332

First published: Tue May 10 2022(Updated: )

Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.

Credit: psirt@amd.com

Affected Software	Affected Version	How to fix
AMD EPYC 7763 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7763 Firmware
AMD EPYC 7713P Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7713P Firmware
AMD EPYC 7713P Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7713
AMD EPYC 7663 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7663 Firmware
AMD EPYC 7643 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7643
AMD EPYC 75F3 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 75F3
AMD EPYC 7543P Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7543P Firmware
Amd Epyc Server Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7543 Firmware
AMD EPYC 7513 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7513
Amd Epyc Server Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7453
AMD EPYC 74F3 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 74F3
AMD EPYC 7443P Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7443P
AMD EPYC 7443 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7443
AMD EPYC 7413 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7413 Firmware
AMD EPYC 73F3 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 73F3
Amd Epyc Server Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7343
AMD EPYC 7313P Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7313P
Amd Epyc Server Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7313P
AMD EPYC 72F3 Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 72F3 Firmware
AMD EPYC 7773X Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7773X
AMD EPYC 7473X Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7473X
AMD EPYC 7573X Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7573X
AMD EPYC 7373X Firmware	<milanpi-sp3_1.0.0.4
AMD EPYC 7373X

Never miss a vulnerability like this again

Reference Links

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-26332.
What is the severity of CVE-2021-26332?
The severity of CVE-2021-26332 is high with a severity value of 7.1.
What is the affected software for CVE-2021-26332?
The affected software for CVE-2021-26332 includes Amd Epyc 7763 Firmware (up to exclusive version milanpi-sp3_1.0.0.4), Amd Epyc 7713p Firmware (up to exclusive version milanpi-sp3_1.0.0.4), and other related versions.
What is the potential impact of CVE-2021-26332?
The potential impact of CVE-2021-26332 is a potential loss of integrity or availability.
Where can I find more information about CVE-2021-26332?
You can find more information about CVE-2021-26332 on the AMD product security website.