A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
History

Tue, 28 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2023-05-09T18:58:48.108Z

Updated: 2025-01-28T15:48:38.470Z

Reserved: 2021-01-29T21:24:26.149Z

Link: CVE-2021-26356

cve-icon Vulnrichment

Updated: 2024-08-03T20:26:24.804Z

cve-icon NVD

Status : Modified

Published: 2023-05-09T19:15:10.737

Modified: 2025-01-28T16:15:29.150

Link: CVE-2021-26356

cve-icon Redhat

No data.