Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for PSP Driver by AMD
CVE-2021-26333 (GCVE-0-2021-26333)
Vulnerability from cvelistv5 – Published: 2021-09-21 10:49 – Updated: 2026-05-28 19:51
VLAI
Title
AMD Chipset Driver Information Disclosure Vulnerability
Summary
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Information Exposure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2021/Sep/24 | mailing-listx_refsource_FULLDISC |
| http://packetstormsecurity.com/files/164202/AMD-C… | x_refsource_MISC |
| https://www.amd.com/en/corporate/product-security… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | PSP Driver |
Affected:
PSP Driver , < 5.17.0.0
(custom)
|
Date Public
2021-09-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:23.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T19:50:53.582069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T19:51:07.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PSP Driver",
"vendor": "AMD",
"versions": [
{
"lessThan": "5.17.0.0",
"status": "affected",
"version": "PSP Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-21T10:50:49.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
],
"source": {
"advisory": "AMD-SB-1009",
"discovery": "EXTERNAL"
},
"title": "AMD Chipset Driver Information Disclosure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-09-14T19:30:00.000Z",
"ID": "CVE-2021-26333",
"STATE": "PUBLIC",
"TITLE": "AMD Chipset Driver Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PSP Driver",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "PSP Driver",
"version_value": "5.17.0.0"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"name": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
]
},
"source": {
"advisory": "AMD-SB-1009",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-26333",
"datePublished": "2021-09-21T10:49:49.457Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2026-05-28T19:51:07.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-26333 (GCVE-0-2021-26333)
Vulnerability from nvd – Published: 2021-09-21 10:49 – Updated: 2026-05-28 19:51
VLAI
Title
AMD Chipset Driver Information Disclosure Vulnerability
Summary
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Information Exposure
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2021/Sep/24 | mailing-listx_refsource_FULLDISC |
| http://packetstormsecurity.com/files/164202/AMD-C… | x_refsource_MISC |
| https://www.amd.com/en/corporate/product-security… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | PSP Driver |
Affected:
PSP Driver , < 5.17.0.0
(custom)
|
Date Public
2021-09-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:23.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T19:50:53.582069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T19:51:07.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PSP Driver",
"vendor": "AMD",
"versions": [
{
"lessThan": "5.17.0.0",
"status": "affected",
"version": "PSP Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-21T10:50:49.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
],
"source": {
"advisory": "AMD-SB-1009",
"discovery": "EXTERNAL"
},
"title": "AMD Chipset Driver Information Disclosure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-09-14T19:30:00.000Z",
"ID": "CVE-2021-26333",
"STATE": "PUBLIC",
"TITLE": "AMD Chipset Driver Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PSP Driver",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "PSP Driver",
"version_value": "5.17.0.0"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"name": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
]
},
"source": {
"advisory": "AMD-SB-1009",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-26333",
"datePublished": "2021-09-21T10:49:49.457Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2026-05-28T19:51:07.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}