CVE-2021-26361

Description

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

Affected products

• AMD / Athlon™ Seriesvarious – various
• AMD / Ryzen™ Seriesvarious – various

References

• MISChttps://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027