Vulnerability DatabaseCVE-2021-26373

CVE-2021-26373:
Linux openSUSE vulnerability analysis and mitigation

Overview

CVE-2021-26373 is a security vulnerability affecting AMD processors' System Management Unit (SMU). The vulnerability was disclosed in May 2022 and involves insufficient bound checks in the SMU that could lead to system voltage malfunctions (NVD, AMD Server Bulletin).

Technical details

The vulnerability is characterized by insufficient bound checks in the System Management Unit (SMU), which can result in system voltage malfunction. It has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified under CWE-20 (Improper Input Validation) (NVD).

Impact

The exploitation of this vulnerability can result in denial of resources and/or possibly denial of service, potentially affecting system stability and availability (NVD).

Mitigation and workarounds

As of the latest reports, there are no known mitigations available for this vulnerability. Software packages will be provided when available (Red Hat).

Additional resources

Source: This report was generated using AI

Related Linux openSUSE vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13470	HIGH	7.7	Linux Debian	rnp	No	Yes	Nov 21, 2025
CVE-2025-61915	MEDIUM	6.7	OpenPrinting CUPS	cups-devel	No	Yes	Nov 29, 2025
CVE-2025-58436	MEDIUM	5.5	OpenPrinting CUPS	cups-ipptool	No	Yes	Nov 29, 2025
CVE-2025-9820	N/A	N/A	GnuTLS	gnutls-c++	No	Yes	Nov 21, 2025
CVE-2025-13402	N/A	N/A	Linux Fedora	rnp	No	Yes	Nov 21, 2025