CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

Published: Nov 9, 2022
Updated: May 4, 2025
CVE: CVE-2021-26392
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
amd / enterprise_driver	-	22.10.20
amd / radeon_pro_software	-	22.q2
amd / radeon_software	-	22.5.2

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-5001

Vulnerability Database

289,599

CVE-2021-26392