cvelist/2021/26xxx/CVE-2021-26314.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@amd.com",
        "DATE_PUBLIC": "2021-06-08T19:30:00.000Z",
        "ID": "CVE-2021-26314",
        "STATE": "PUBLIC",
        "TITLE": "AMD Speculative execution with Floating-Point Value Injection"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "All supported processors",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": " "
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "AMD"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage."
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.0.9"
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-208 Information Exposure Through Timing Discrepancy"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003",
                "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass",
                "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass",
                "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1"
            },
            {
                "refsource": "FEDORA",
                "name": "FEDORA-2021-41d4347447",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/"
            },
            {
                "refsource": "FEDORA",
                "name": "FEDORA-2021-993693c914",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/"
            }
        ]
    },
    "source": {
        "advisory": "AMD-SB-1003",
        "discovery": "EXTERNAL"
    }
}