CVE-2021-26410
Awaiting Analysis Awaiting Analysis - Queue
Information Disclosure via Improper Syscall Validation in AMD ASP

Publication date: 2026-02-10

Last updated on: 2026-02-10

Assigner: Advanced Micro Devices Inc.

Description
Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-10
Last Modified
2026-02-10
Generated
2026-06-16
AI Q&A
2026-02-10
EPSS Evaluated
2026-06-14
NVD
CVE-2021-26410
EUVD
EUVD-2021-13216
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
amd secure_processor *
amd radeon_software_pro_edition 25.10.10
amd radeon_software_for_linux 25.10.1
amd athlon *
amd ryzen *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-822 The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves improper validation of syscall input in the AMD Secure Processor (ASP). Specifically, it may cause the kernel to read syscall parameter values from its own memory space incorrectly. This flaw allows an attacker to infer the contents of the kernel memory.

Impact Analysis

The impact of this vulnerability is potential information disclosure. An attacker exploiting this flaw could gain unauthorized insight into the contents of the kernel memory, which may lead to exposure of sensitive information.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-26410. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart