CVE-2021-26410

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure.

CVSS

No CVSS.

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html

Configurations

No configuration.

History

10 Feb 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-10 20:16

Updated : 2026-02-10 21:51

NVD link : CVE-2021-26410

Mitre link : CVE-2021-26410

CVE.ORG link : CVE-2021-26410

JSON object : View

Products Affected

No product.

CWE

CWE-822

Untrusted Pointer Dereference

{"id": "CVE-2021-26410", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 1.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-10T20:16:42.227", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html", "source": "psirt@amd.com"}, {"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html", "source": "psirt@amd.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@amd.com", "description": [{"lang": "en", "value": "CWE-822"}]}], "descriptions": [{"lang": "en", "value": "Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure."}], "lastModified": "2026-02-10T21:51:48.077", "sourceIdentifier": "psirt@amd.com"}

CVE-2021-26410

JSON object

Attach tags to CVE-2021-26410

Attach tags to `CVE-2021-26410`