Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.0006.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Amd Subscribe
Epyc 7001 Subscribe
Epyc 7001 Firmware Subscribe
Epyc 7002 Subscribe
Epyc 7002 Firmware Subscribe
Epyc 7232p Subscribe
Epyc 7232p Firmware Subscribe
Epyc 7251 Subscribe
Epyc 7251 Firmware Subscribe
Epyc 7252 Subscribe
Epyc 7252 Firmware Subscribe
Epyc 7262 Subscribe
Epyc 7262 Firmware Subscribe
Epyc 7272 Subscribe
Epyc 7272 Firmware Subscribe
Epyc 7281 Subscribe
Epyc 7281 Firmware Subscribe
Epyc 7282 Subscribe
Epyc 7282 Firmware Subscribe
Epyc 7301 Subscribe
Epyc 7301 Firmware Subscribe
Epyc 7302 Subscribe
Epyc 7302 Firmware Subscribe
Epyc 7302p Subscribe
Epyc 7302p Firmware Subscribe
Epyc 7351 Subscribe
Epyc 7351 Firmware Subscribe
Epyc 7351p Subscribe
Epyc 7351p Firmware Subscribe
Epyc 7352 Subscribe
Epyc 7352 Firmware Subscribe
Epyc 7401 Subscribe
Epyc 7401 Firmware Subscribe
Epyc 7401p Subscribe
Epyc 7401p Firmware Subscribe
Epyc 7402 Subscribe
Epyc 7402 Firmware Subscribe
Epyc 7402p Subscribe
Epyc 7402p Firmware Subscribe
Epyc 7451 Subscribe
Epyc 7451 Firmware Subscribe
Epyc 7452 Subscribe
Epyc 7452 Firmware Subscribe
Epyc 7501 Subscribe
Epyc 7501 Firmware Subscribe
Epyc 7502 Subscribe
Epyc 7502 Firmware Subscribe
Epyc 7502p Subscribe
Epyc 7502p Firmware Subscribe
Epyc 7532 Subscribe
Epyc 7532 Firmware Subscribe
Epyc 7542 Subscribe
Epyc 7542 Firmware Subscribe
Epyc 7551 Subscribe
Epyc 7551 Firmware Subscribe
Epyc 7551p Subscribe
Epyc 7551p Firmware Subscribe
Epyc 7552 Subscribe
Epyc 7552 Firmware Subscribe
Epyc 7601 Subscribe
Epyc 7601 Firmware Subscribe
Epyc 7642 Subscribe
Epyc 7642 Firmware Subscribe
Epyc 7662 Subscribe
Epyc 7662 Firmware Subscribe
Epyc 7702 Subscribe
Epyc 7702 Firmware Subscribe
Epyc 7702p Subscribe
Epyc 7702p Firmware Subscribe
Epyc 7742 Subscribe
Epyc 7742 Firmware Subscribe
Epyc 7f32 Subscribe
Epyc 7f32 Firmware Subscribe
Epyc 7f52 Subscribe
Epyc 7f52 Firmware Subscribe
Epyc 7f72 Subscribe
Epyc 7f72 Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:amd:epyc_7002_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:amd:epyc_7001_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7001:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7232p:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7252:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7262:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7272:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7282:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7302p:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7352:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7402p:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7452:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7502p:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7532:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7542:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7552:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7642:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7662:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7702p:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7742:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f32:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f52:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7f72:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:amd:epyc_7251_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7251:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:amd:epyc_7281_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7281:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:amd:epyc_7301_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7301:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:amd:epyc_7351_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:amd:epyc_7351p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7351p:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:amd:epyc_7401_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:amd:epyc_7401p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7401p:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:amd:epyc_7451_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7451:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND
cpe:2.3:o:amd:epyc_7501_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7501:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND
cpe:2.3:o:amd:epyc_7551_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND
cpe:2.3:o:amd:epyc_7551p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7551p:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND
cpe:2.3:o:amd:epyc_7601_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:epyc_7601:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-13214 Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2024-09-16T21:04:07.585Z

Reserved: 2021-01-29T00:00:00

Link: CVE-2021-26408

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-10T19:15:08.920

Modified: 2024-11-21T05:56:19.170

Link: CVE-2021-26408

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses