medium
5.5
Advisory Published
Updated

CVE-2021-26361

First published: Tue May 10 2022(Updated: )

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

Credit: psirt@amd.com

Affected SoftwareAffected VersionHow to fix
AMD Radeon Software for HIP
AMD Ryzen 3 2200U Firmware
AMD Ryzen 3 2200U Firmware
AMD Ryzen 3 2300U Firmware
AMD Ryzen 3 Pro 2300U
AMD Ryzen 3 5125C Firmware
AMD Ryzen 3 5125C Firmware
AMD Ryzen 3 5400U Firmware
AMD Ryzen 3 5400U Firmware
AMD Athlon Silver 3050GE Firmware
AMD Athlon 3050GE Firmware
AMD Athlon Gold 3150GE Firmware
AMD Athlon Gold 3150GE Firmware
AMD Athlon Gold Pro 3150G Firmware
AMD Athlon Gold 3150G
AMD Ryzen 3 5425C Firmware
AMD Ryzen 3 5425C Firmware
AMD Ryzen 3 5425U
AMD Ryzen 3 5425U Firmware
AMD Ryzen 5 Pro 2500U Firmware
AMD Ryzen 5 Pro 2500U
AMD Ryzen 5 2600X
AMD Ryzen 5 2600 Firmware
AMD Ryzen 5 2600H Firmware
AMD Ryzen 5 2600H
AMD Ryzen 5 2600X
AMD Ryzen 5 2600X
AMD Ryzen 5 5560U Firmware
AMD Ryzen 5 5560U Firmware
AMD Ryzen 5 5600H Firmware
AMD Ryzen 5 5600H Firmware
AMD Ryzen 5 5600HS Firmware
AMD Ryzen 5 5600HS Firmware
AMD Ryzen 5 5600U Firmware
AMD Ryzen 5 5600U Firmware
AMD Ryzen 5 5600X
AMD Ryzen 5 5600X Firmware
AMD Ryzen 5 5625C Firmware
AMD Ryzen 5 5625C Firmware
AMD Ryzen 5 5625U Firmware
AMD Ryzen 5 5625U Firmware
AMD Ryzen 5 5700G Firmware
AMD Ryzen 5 5700G
AMD Ryzen 5 5700GE Firmware
AMD Ryzen 5 5700GE
AMD Ryzen 7 Pro 2700U Firmware
AMD Ryzen 7 Pro 2700U
AMD Ryzen 7 2700 Firmware
AMD Ryzen 7 2700 Firmware
AMD Ryzen 7 2700X
AMD Ryzen 7 2700X
AMD Ryzen 7 2800H Firmware
AMD Ryzen 7 2800H Firmware
AMD Ryzen 7 5800H Firmware
AMD Ryzen 7 5800H Firmware
AMD Ryzen 7 5800HS Firmware
AMD Ryzen 7 5800HS Firmware
AMD Ryzen 7 5800U Firmware
AMD Ryzen 7 5800U Firmware
AMD Ryzen 7 5825C Firmware
AMD Ryzen 7 5825C Firmware
AMD Ryzen 7 5825U Firmware
AMD Ryzen 7 5825U Firmware
AMD Ryzen 9 5980HX
AMD Ryzen 9 5980HX
AMD Ryzen 9 5980HS Firmware
AMD Ryzen 9 5980HS Firmware
AMD Ryzen 9 5900HX Firmware
AMD Ryzen 9 5900HX Firmware
AMD Ryzen 9 5900HS Firmware
AMD Ryzen 9 5900HS Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-26361?

    CVE-2021-26361 has a medium severity level due to potential information disclosure by exfiltrating arbitrary memory from the bootloader.

  • How do I fix CVE-2021-26361?

    To fix CVE-2021-26361, update the affected AMD firmware and software to the latest version provided by AMD.

  • Which systems are affected by CVE-2021-26361?

    CVE-2021-26361 affects specific versions of AMD firmware, including those for Ryzen and Athlon processors, as detailed in the vulnerability report.

  • What types of attacks can exploit CVE-2021-26361?

    CVE-2021-26361 can be exploited by an attacker via a malicious User Application or compromised AGESA Boot Loader.

  • What could be the impact of CVE-2021-26361?

    The impact of CVE-2021-26361 includes the potential for unauthorized access to sensitive memory data, leading to information disclosure.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203