CVE Vulnerabilities

CVE-2021-26382

Published: Jul 14, 2022 | Modified: Jul 29, 2022
CVSS 3.x
4.4
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.

Affected Software

Name Vendor Start Version End Version
Ryzen_7_5700g_firmware Amd * comboam4_v2_pi_1.2.0.6c (excluding)

References