var-202106-1423
Vulnerability from variot

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. plural CPU The product contains a vulnerability related to the leakage of resources to the wrong area.Information may be obtained. Intel Processors (Intel processors) are Intel Corporation's processors that interpret computer instructions and process data in computer software. There are information disclosure vulnerabilities in Intel Processors and AMD CPUs, which originate from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1423",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "xeon silver 4214",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "34"
      },
      {
        "model": "bcm2711",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": null
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "xen",
        "version": "*"
      },
      {
        "model": "core i9-9900k",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core i7-10700k",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "cortex-a72",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "model": "core i7-7700k",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "33"
      },
      {
        "model": "bcm2711",
        "scope": null,
        "trust": 0.8,
        "vendor": "broadcom",
        "version": null
      },
      {
        "model": "intel xenon silver 4214",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel core i9-9900k",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "intel core i7-10700k",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "cortex-a72",
        "scope": null,
        "trust": 0.8,
        "vendor": "arm",
        "version": null
      },
      {
        "model": "intel core i7-7700k",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a4\u30f3\u30c6\u30eb",
        "version": null
      },
      {
        "model": "xen",
        "scope": null,
        "trust": 0.8,
        "vendor": "xen \u30d7\u30ed\u30b8\u30a7\u30af\u30c8",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "cve": "CVE-2021-26314",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-26314",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-385384",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-26314",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-26314",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-26314",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-26314",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202106-621",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-385384",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. plural  CPU The product contains a vulnerability related to the leakage of resources to the wrong area.Information may be obtained. Intel Processors (Intel processors) are Intel Corporation\u0027s processors that interpret computer instructions and process data in computer software. There are information disclosure vulnerabilities in Intel Processors and AMD CPUs, which originate from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-26314",
        "trust": 3.3
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2021/06/09/2",
        "trust": 2.5
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2021/06/10/1",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903",
        "trust": 0.8
      },
      {
        "db": "LENOVO",
        "id": "LEN-60191",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-385384",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "id": "VAR-202106-1423",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T13:13:49.137000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top\u00a0Page Intel Intel",
        "trust": 0.8,
        "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003"
      },
      {
        "title": "Intel Processors Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=154845"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-203",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-208",
        "trust": 1.0
      },
      {
        "problemtype": "Leakage of resources to the wrong area (CWE-668) [NVD Evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-668",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2"
      },
      {
        "trust": 1.7,
        "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003"
      },
      {
        "trust": 1.7,
        "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/h36u6cnrec436w6gyo7qumjivea35scv/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/sva2ny26mmxoodumyzn5dcu3fxmbmbob/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-26314"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/h36u6cnrec436w6gyo7qumjivea35scv/"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/sva2ny26mmxoodumyzn5dcu3fxmbmbob/"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/en/product_security/len-60191"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-06-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "date": "2022-02-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "date": "2021-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "date": "2021-06-09T12:15:07.810000",
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-06-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-385384"
      },
      {
        "date": "2022-02-25T08:59:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      },
      {
        "date": "2023-07-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      },
      {
        "date": "2023-11-07T03:31:41.703000",
        "db": "NVD",
        "id": "CVE-2021-26314"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0CPU\u00a0 Vulnerability in leaking resources to the wrong area in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-007903"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-621"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.