Vulnerability CVE-2021-26347

Vulnerability CVE-2021-26347

Published: 2022-05-11

Description:

TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service.

Type:

CWE-367

(Time-of-check Time-of-use (TOCTOU) Race Condition)

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.7/10	6.9/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
None	None	Complete

References:

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028

Copyright 2026, cxsecurity.com