CVE: CVE-2021-26333
Reported by: Kyriakos Economou (@kyREcon)
Vendor: AMD
Products: AMD PSP driver < v5.17.0.0
Advisory
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages.
References
MITRE
Technical Details (PDF)