Advisory Published

CVE-2021-26352: Buffer Overflow

First published: Tue May 10 2022(Updated: )

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.


Affected SoftwareAffected VersionHow to fix
Amd Ryzen 5 2600 Firmware
Amd Ryzen 5 2600
Amd Ryzen 5 2600x Firmware
Amd Ryzen 5 2600x
Amd Ryzen 5 2700x Firmware
Amd Ryzen 5 2700x
Amd Ryzen 5 2700 Firmware
Amd Ryzen 5 2700
Amd Ryzen 5 3600 Firmware
Amd Ryzen 5 3600
Amd Ryzen 5 3600x Firmware
Amd Ryzen 5 3600x
Amd Ryzen 7 3700x Firmware
Amd Ryzen 7 3700x
Amd Ryzen 7 3800x Firmware
Amd Ryzen 7 3800x
Amd Ryzen 9 3900x Firmware
Amd Ryzen 9 3900x
Amd Ryzen 9 3950x Firmware
Amd Ryzen 9 3950x
Amd Ryzen 9 5950x Firmware
Amd Ryzen 9 5950x
Amd Ryzen 9 5900x Firmware
Amd Ryzen 9 5900x
Amd Ryzen 7 5800x Firmware
Amd Ryzen 7 5800x
Amd Ryzen 7 5700g Firmware
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware
Amd Ryzen 5 5600g
Amd Ryzen 5 5600x Firmware
Amd Ryzen 5 5600x
Amd Ryzen 5 5600ge Firmware
Amd Ryzen 5 5600ge
Amd Ryzen 3 5300g Firmware
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware
Amd Ryzen 3 5300ge
Amd Ryzen Threadripper 2990wx Firmware
Amd Ryzen Threadripper 2990wx
Amd Ryzen Threadripper 2970wx Firmware
Amd Ryzen Threadripper 2970wx
Amd Ryzen Threadripper 2950x Firmware
Amd Ryzen Threadripper 2950x
Amd Ryzen Threadripper 2920x Firmware
Amd Ryzen Threadripper 2920x
Amd Ryzen Threadripper 3970x Firmware
Amd Ryzen Threadripper 3970x
Amd Ryzen Threadripper Pro 5995wx Firmware
Amd Ryzen Threadripper Pro 5995wx
Amd Ryzen Threadripper Pro 5975wx Firmware
Amd Ryzen Threadripper Pro 5975wx
Amd Ryzen Threadripper Pro 5965wx Firmware
Amd Ryzen Threadripper Pro 5965wx
Amd Ryzen Threadripper Pro 5955wx Firmware
Amd Ryzen Threadripper Pro 5955wx
Amd Ryzen Threadripper Pro 5945wx Firmware
Amd Ryzen Threadripper Pro 5945wx

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2021-26352?

    The severity of CVE-2021-26352 is medium with a severity value of 5.5.

  • How does CVE-2021-26352 affect AMD Ryzen 5 2600 Firmware?

    CVE-2021-26352 affects AMD Ryzen 5 2600 Firmware and may result in denial of service due to insufficient bound checks in the System Management Unit (SMU) PCIe Hot Plug table.

  • Is AMD Ryzen 5 2600x vulnerable to CVE-2021-26352?

    No, AMD Ryzen 5 2600x is not vulnerable to CVE-2021-26352.

  • What is the CWE ID of CVE-2021-26352?

    The CWE ID of CVE-2021-26352 is 119.

  • How can I fix CVE-2021-26352?

    To address CVE-2021-26352, it is recommended to apply the firmware update provided by AMD. Please refer to the AMD product security bulletin for more information.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203