nvd-json-data-feeds/CVE-2021/CVE-2021-263xx/CVE-2021-26314.json

{
  "id": "CVE-2021-26314",
  "sourceIdentifier": "psirt@amd.com",
  "published": "2021-06-09T12:15:07.810",
  "lastModified": "2024-11-21T05:56:04.547",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage."
    },
    {
      "lang": "es",
      "value": "Una inyecci\u00f3n de valor de punto flotante potencial en todos los productos de CPU compatibles, junto con las vulnerabilidades de software relacionadas con la ejecuci\u00f3n especulativa con resultados de punto flotante incorrectos, puede causar el uso de datos incorrectos de FPVI y puede resultar en una filtraci\u00f3n de datos"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "baseScore": 2.1,
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@amd.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-208"
        }
      ]
    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:amd:ryzen_5_5600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD86A5C-A9A9-4C84-91D9-54F2516E8487"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:amd:ryzen_7_2700x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6DE86B-DAAA-4A3B-9FFF-0583D5CB1B1E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:amd:ryzen_threadripper_2990wx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B5369B-DFFE-4A84-8894-513AE7FC7C6C"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:broadcom:bcm2711:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC0C7D8-18F4-43B4-A8CA-8183022DF0FB"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC9312B-40A7-4D4A-A61C-3BA865C29F63"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "913BBEFF-49E7-42AF-A850-B49E5A12AB98"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C3257F5-CA55-4F35-9D09-5B85253DE786"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B4F7FE-61A3-417A-BAA9-E686A76F3A94"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2",
      "source": "psirt@amd.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1",
      "source": "psirt@amd.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/",
      "source": "psirt@amd.com"
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/",
      "source": "psirt@amd.com"
    },
    {
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003",
      "source": "psirt@amd.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2021-26314",`
			`"sourceIdentifier": "psirt@amd.com",`
			`"published": "2021-06-09T12:15:07.810",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"lastModified": "2024-11-21T05:56:04.547",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"vulnStatus": "Modified",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
bootstrap 2023-04-24 12:24:31 +02:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Una inyecci\u00f3n de valor de punto flotante potencial en todos los productos de CPU compatibles, junto con las vulnerabilidades de software relacionadas con la ejecuci\u00f3n especulativa con resultados de punto flotante incorrectos, puede causar el uso de datos incorrectos de FPVI y puede resultar en una filtraci\u00f3n de datos"`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 5.5,`
			`"baseSeverity": "MEDIUM",`
bootstrap 2023-04-24 12:24:31 +02:00			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "NONE"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 3.6`
			`}`
			`],`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"baseScore": 2.1,`
bootstrap 2023-04-24 12:24:31 +02:00			`"accessVector": "LOCAL",`
			`"accessComplexity": "LOW",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "NONE"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`"baseSeverity": "LOW",`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 2.9,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "psirt@amd.com",`
			`"type": "Secondary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"description": [`
			`{`
			`"lang": "en",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"value": "CWE-208"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`},`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
bootstrap 2023-04-24 12:24:31 +02:00			`"description": [`
			`{`
			`"lang": "en",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"value": "CWE-203"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:xen:xen::::::::",`
			`"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:amd:ryzen_5_5600x:-:::::::*",`
			`"matchCriteriaId": "6FD86A5C-A9A9-4C84-91D9-54F2516E8487"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:amd:ryzen_7_2700x:-:::::::*",`
			`"matchCriteriaId": "CD6DE86B-DAAA-4A3B-9FFF-0583D5CB1B1E"`
			`},`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:amd:ryzen_threadripper_2990wx:-:::::::*",`
			`"matchCriteriaId": "B1B5369B-DFFE-4A84-8894-513AE7FC7C6C"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:arm:cortex-a72:-:::::::*",`
			`"matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:broadcom:bcm2711:-:::::::*",`
			`"matchCriteriaId": "0DC0C7D8-18F4-43B4-A8CA-8183022DF0FB"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:intel:core_i7-10700k:-:::::::*",`
			`"matchCriteriaId": "6CC9312B-40A7-4D4A-A61C-3BA865C29F63"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:intel:core_i7-7700k:-:::::::*",`
			`"matchCriteriaId": "913BBEFF-49E7-42AF-A850-B49E5A12AB98"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:intel:core_i9-9900k:-:::::::*",`
			`"matchCriteriaId": "7C3257F5-CA55-4F35-9D09-5B85253DE786"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:h:intel:xeon_silver_4214:-:::::::*",`
			`"matchCriteriaId": "E1B4F7FE-61A3-417A-BAA9-E686A76F3A94"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:fedoraproject:fedora:33:::::::*",`
			`"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:fedoraproject:fedora:34:::::::*",`
			`"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2021/06/09/2",`
			`"source": "psirt@amd.com",`
			`"tags": [`
			`"Mailing List",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2021/06/10/1",`
			`"source": "psirt@amd.com",`
			`"tags": [`
			`"Exploit",`
			`"Mailing List",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/",`
			`"source": "psirt@amd.com"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/",`
			`"source": "psirt@amd.com"`
bootstrap 2023-04-24 12:24:31 +02:00			`},`
			`{`
			`"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003",`
			`"source": "psirt@amd.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`},`
			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2021/06/09/2",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Mailing List",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.openwall.com/lists/oss-security/2021/06/10/1",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Exploit",`
			`"Mailing List",`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108"`
			`},`
			`{`
			`"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003",`
			`"source": "af854a3a-2127-422b-91ae-364da2661108",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`}`