medium
6
Advisory Published
Updated

CVE-2021-26367

First published: Tue Aug 13 2024(Updated: )

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

Credit: psirt@amd.com

Affected SoftwareAffected VersionHow to fix
All of
AMD Radeon Software for HIP<23.12.1
Any of
AMD Radeon RX 6300M
AMD Radeon RX 6400
AMD Radeon RX 6450M
AMD Radeon RX 6500 XT
AMD Radeon RX 6500M
AMD Radeon RX 6550M
AMD Radeon RX 6550S
AMD Radeon RX 6600
AMD Radeon RX 6600 XT
AMD Radeon RX 6600M
AMD Radeon RX 6600S
AMD Radeon RX 6650 XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6650M XT
AMD Radeon RX 6700
AMD Radeon RX 6700 XT
AMD Radeon RX 6700M
AMD Radeon RX 6700S
AMD Radeon RX 6750 GRE 10GB
AMD Radeon RX 6750 XT
AMD Radeon RX 6800
AMD Radeon RX 6800 XT Firmware
AMD Radeon RX 6800M
AMD Radeon RX 6800
AMD Radeon RX 6850M XT
AMD Radeon RX 6900 XT
AMD Radeon RX 6950XT Firmware
All of
AMD Radeon Software for HIP<=23.q4
Any of
AMD Radeon Pro W6300
AMD Radeon Pro W6400 Firmware
AMD Radeon Pro W6600
AMD Radeon Pro W6800
All of
AMD Ryzen 9 5980HX<cezannepi-fp6_1.0.0.6
AMD Ryzen 9 5980HX
All of
AMD Ryzen 3 Pro 3300U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 3 Pro 3300U
All of
AMD Ryzen 3 3350U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 3 3350U Firmware
All of
AMD Ryzen 5 3450U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 5 3450U
All of
AMD Ryzen 5 Pro 3500U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 5 3500U Firmware
All of
AMD Ryzen 5 3500C Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 5 3500C Firmware
All of
AMD Ryzen 5 3550H Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 5 3550H Firmware
All of
AMD Ryzen 5 3580U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 5 3580U Firmware
All of
AMD Ryzen 7 Pro 3700U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 7 3700U
All of
AMD Ryzen 7 3700C Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 7 3700C Firmware
All of
AMD Ryzen 7 3750H Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 7 3750H Firmware
All of
AMD Ryzen 7 3780U Firmware<picassopi-fp5_1.0.0.e
AMD Ryzen 7 3780U Firmware
All of
AMD Athlon Gold 3150C Firmware<picassopi-fp5_1.0.0.e
AMD Athlon Gold 3150C Firmware
All of
AMD Athlon Gold 3150U<picassopi-fp5_1.0.0.e
AMD Athlon Gold 3150U
All of
AMD Athlon Pro 3145B Firmware<picassopi-fp5_1.0.0.e
AMD Athlon Pro 3145B Firmware
All of
AMD Athlon Silver 3050U firmware<picassopi-fp5_1.0.0.e
AMD Athlon Silver 3050c Firmware
All of
AMD Athlon Silver 3050U<picassopi-fp5_1.0.0.e
AMD Athlon Silver 3050U firmware
All of
AMD Athlon Pro 3045B<picassopi-fp5_1.0.0.e
AMD Athlon Pro
All of
AMD Athlon Silver 3050GE<picassopi-fp5_1.0.0.e
AMD Athlon Silver 3050e Firmware
All of
AMD Athlon Gold Pro 3150G Firmware<comboam4pi_1.0.0.9
AMD Athlon Gold Pro 3150G Firmware
All of
AMD Athlon Gold Pro 3150G Firmware<comboam4pi_1.0.0.9
AMD Athlon Gold 3150G Firmware
All of
AMD Athlon Gold Pro 3150GE<comboam4pi_1.0.0.9
AMD Athlon Gold Pro 3150GE Firmware
All of
AMD Athlon Pro 300GE Firmware<comboam4pi_1.0.0.9
AMD Athlon Pro 300GE Firmware
All of
AMD Ryzen 4300GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 4300GE Firmware
All of
AMD Ryzen 4600GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 5 4600GE firmware
All of
AMD Ryzen 7 4700GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 7 4700GE Firmware
All of
AMD Ryzen 3 4300G Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 3 4300G Firmware
All of
AMD Ryzen 4600G Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 4600G Firmware
All of
AMD Ryzen 4700G Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 7 4700G Firmware
All of
AMD Ryzen 5300GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 3 5300GE Firmware
All of
AMD Ryzen 3 5300G Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 3 5300G Firmware
All of
AMD Ryzen 5 5600GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 5 5600GE Firmware
All of
AMD Ryzen 5 5600G<comboam4v2_pi_1.2.0.5
AMD Ryzen 5 5600GT Firmware
All of
AMD Ryzen 7 5700GE Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 7 5700GE Firmware
All of
AMD Ryzen 7 5700G Firmware<comboam4v2_pi_1.2.0.5
AMD Ryzen 7 5700G Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-26367?

    The severity of CVE-2021-26367 is rated as medium, as it can lead to a loss of integrity and availability.

  • How do I fix CVE-2021-26367?

    To fix CVE-2021-26367, ensure that you update the AMD Radeon Software to the latest version beyond 23.12.1.

  • What software is affected by CVE-2021-26367?

    CVE-2021-26367 affects AMD Radeon Software versions up to 23.12.1, along with specific AMD Radeon and Ryzen hardware.

  • What are the potential impacts of CVE-2021-26367?

    The potential impacts of CVE-2021-26367 include unauthorized access to memory regions, leading to a loss of integrity and availability.

  • Can CVE-2021-26367 be exploited remotely?

    CVE-2021-26367 requires local access to the affected systems, so it cannot be exploited remotely.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203