CVE-2021-26318 (GCVE-0-2021-26318)
Vulnerability from cvelistv5
Published
2021-10-13 18:29
Modified
2024-09-16 16:48
Severity ?
CWE
  • CWE-208 - Information Exposure Through Timing Discrepancy
Summary
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information.
References
Impacted products
Vendor Product Version
AMD All supported processors Version: unspecified   < undefined
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:19:20.137Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "All supported processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "undefined",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208 Information Exposure Through Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-13T18:29:14",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017"
        }
      ],
      "source": {
        "advisory": "AMD-SB-1017",
        "discovery": "EXTERNAL"
      },
      "title": "Side-channels Related to the x86 PREFETCH Instruction",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@amd.com",
          "DATE_PUBLIC": "2021-10-12T19:30:00.000Z",
          "ID": "CVE-2021-26318",
          "STATE": "PUBLIC",
          "TITLE": "Side-channels Related to the x86 PREFETCH Instruction"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "All supported processors",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "AMD"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-208 Information Exposure Through Timing Discrepancy"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017",
              "refsource": "MISC",
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017"
            }
          ]
        },
        "source": {
          "advisory": "AMD-SB-1017",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26318",
    "datePublished": "2021-10-13T18:29:14.977353Z",
    "dateReserved": "2021-01-29T00:00:00",
    "dateUpdated": "2024-09-16T16:48:55.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-26318\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2021-10-13T19:15:07.360\",\"lastModified\":\"2024-11-21T05:56:05.303\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information.\"},{\"lang\":\"es\",\"value\":\"Un ataque de canal lateral basado en el tiempo y la energ\u00eda aprovechando las instrucciones x86 PREFETCH en algunas CPUs de AMD podr\u00eda potencialmente resultar en una filtraci\u00f3n de informaci\u00f3n del espacio de direcciones del kernel\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-208\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:athlon_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9F64FB-2B5D-4B9B-9ABD-23324005CB38\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0A97A7-4790-4234-9617-B88A96C2C2F7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:athlon_pro_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDE494B-7C70-4359-856B-793AF93FECE1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:athlon_pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"464AD06F-B6C1-4F2C-B649-DFA1AE387DD8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33B3CD35-6644-42BD-84C8-D7584178C50E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF7F2DBC-56AD-4D96-AFB3-5F97FACABDC1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAEA5209-C0F6-4645-A541-A68CBC70695B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"047F0F4D-DCE1-4E3F-A888-39E894DF857D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_pro_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E59D0B-FB2F-4C17-B9BC-462DFB366777\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA9541F0-5B33-4F09-B201-E887DA572571\"}]}]}],\"references\":[{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017\",\"source\":\"psirt@amd.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1017\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.