← Zuruck zu CVEs
CVE-2021-26314
MEDIUM5.5
Beschreibung
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.
CVE Details
CVSS v3.1 Bewertung5.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht6/9/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
amd:ryzen_5_5600xamd:ryzen_7_2700xamd:ryzen_threadripper_2990wxarm:cortex-a72broadcom:bcm2711fedoraproject:fedoraintel:core_i7-10700kintel:core_i7-7700kintel:core_i9-9900kintel:xeon_silver_4214xen:xen
Schwachen (CWE)
CWE-208CWE-203
Referenzen
http://www.openwall.com/lists/oss-security/2021/06/09/2(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2021/06/10/1(psirt@amd.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/(psirt@amd.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/(psirt@amd.com)
http://www.openwall.com/lists/oss-security/2021/06/09/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2021/06/10/1(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/(af854a3a-2127-422b-91ae-364da2661108)
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.