CVE-2021-26382

Description

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.

Affected products

• AMD / Athlon™ Seriesvarious – various
• AMD / Ryzen™ Seriesvarious – various

References

• MISChttps://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027