CVE-2021-26338

7.5 HIGH

📋 TL;DR

CVE-2021-26338 is an improper access control vulnerability in AMD's System Management Unit (SMU) that allows an attacker with local access to override the performance control tables held in DRAM. Consuming critical system resources in this way can lead to denial of service or system instability. Affected systems are AMD EPYC processors running specific firmware versions.

💻 Affected Systems

Products:
  • AMD EPYC 7002 Series Processors
  • AMD EPYC 7003 Series Processors
Versions: Firmware versions prior to the patched versions specified in AMD-SB-1021
Operating Systems: All operating systems running on affected hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with vulnerable AMD EPYC processor firmware. Requires local access to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash or denial of service through resource exhaustion, potentially affecting multiple virtual machines on affected servers.

🟠 Likely Case

System instability, performance degradation, or service disruption on affected AMD EPYC servers.

🟢 If Mitigated

Minimal impact if patched firmware is installed and proper access controls are enforced.

🌐 Internet-Facing: LOW - Requires local access or ability to execute code on the system.
🏢 Internal Only: MEDIUM - Could be exploited by malicious insiders or compromised internal accounts with system access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires detailed knowledge of SMU architecture and ability to execute code on the system. No public exploits have been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates as specified in AMD-SB-1021 advisory

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Restart Required: Yes

Instructions:

1. Check AMD-SB-1021 for the specific firmware versions.
2. Obtain updated firmware from your system vendor.
3. Apply the firmware update following vendor instructions.
4. Reboot the system to activate the new firmware.

🔧 Temporary Workarounds

Restrict Local Access
Platform: all

Limit physical and administrative access to affected systems to trusted personnel only.

Implement Least Privilege
Platform: all

Ensure users and applications have only necessary permissions to reduce attack surface.

🧯 If You Can't Patch

  • Isolate affected systems in secure network segments
  • Implement strict access controls and monitoring for privileged accounts

🔍 How to Verify

Check if Vulnerable:

Check system firmware version against vulnerable versions listed in AMD-SB-1021 advisory.

Check Version:

Commands vary by vendor and platform (e.g., 'dmidecode -t bios' on Linux; system information tools on Windows).

Verify Fix Applied:

Verify firmware version matches or exceeds patched versions specified in AMD-SB-1021.
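The following POSIX shell script is an added example, not part of this advisory page or of any AMD tooling. It parses the output of 'dmidecode -t bios' (a constructed sample is embedded so it runs offline), extracts the vendor, version and release date, and flags firmware whose release date precedes a fix date. The fix date is a placeholder: the authoritative patched versions are listed in AMD-SB-1021 and are not reproduced here, so a date-based check is only a first-pass heuristic to be confirmed against that advisory and your vendor's release notes.

```shell
# Added example: triage a host's BIOS/firmware from `dmidecode -t bios` output.
# The sample below is constructed and does not come from a real machine.
SAMPLE_DMIDECODE='# dmidecode 3.3
Getting SMBIOS data from sysfs.
SMBIOS 3.2.0 present.

Handle 0x0000, DMI type 0, 26 bytes
BIOS Information
        Vendor: EXAMPLE_VENDOR
        Version: 1.2.3
        Release Date: 06/15/2020
        ROM Size: 32 MB
        Characteristics:
                PCI is supported'

# Placeholder (YYYYMMDD): replace with the release date of the fixed firmware
# for your platform as given in AMD-SB-1021 / your vendor's advisory.
FIX_DATE_PLACEHOLDER=20211101

# Print the value of one "Key: value" field from dmidecode output.
# $1 = field name (e.g. "Version"), $2 = full dmidecode text.
dmi_field() {
    printf '%s\n' "$2" | sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | head -n 1
}

# Convert dmidecode's MM/DD/YYYY date to YYYYMMDD so it can be compared numerically.
dmi_date_to_num() {
    echo "$1" | awk -F/ 'NF==3 { printf "%s%s%s\n", $3, $1, $2 }'
}

# Succeed (exit 0) when the firmware release date is earlier than the fix date,
# i.e. the host most likely still runs pre-fix firmware.
# $1 = dmidecode text, $2 = fix date as YYYYMMDD.
firmware_predates_fix() {
    dmi_output=$1
    fix_date_num=$2
    release=$(dmi_field "Release Date" "$dmi_output")
    release_num=$(dmi_date_to_num "$release")
    # An unparsable date yields an empty string; treat that as "not flagged"
    # rather than as vulnerable, and review such hosts manually.
    [ -n "$release_num" ] && [ "$release_num" -lt "$fix_date_num" ]
}

# Report on the constructed sample.
echo "Vendor:  $(dmi_field Vendor "$SAMPLE_DMIDECODE")"
echo "Version: $(dmi_field Version "$SAMPLE_DMIDECODE")"
if firmware_predates_fix "$SAMPLE_DMIDECODE" "$FIX_DATE_PLACEHOLDER"; then
    echo "Firmware released before the fix date: check version against AMD-SB-1021"
else
    echo "Firmware dated on or after the fix date: confirm version against AMD-SB-1021"
fi

# On a live Linux host (dmidecode needs root), run the same check with:
#   firmware_predates_fix "$(dmidecode -t bios)" "$FIX_DATE_PLACEHOLDER"
```

Vendor BIOS version strings are not comparable across vendors, which is why the script compares release dates rather than version numbers; the final decision should still rest on the exact patched versions in AMD-SB-1021.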

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system crashes
  • Performance degradation alerts
  • Firmware modification attempts

Network Indicators:

  • None - local exploitation only

SIEM Query:

Search for system crash events, performance alerts, or unauthorized access attempts on affected hardware
