CVE-2021-0086

Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
Link Resource
http://www.openwall.com/lists/oss-security/2021/06/08/7 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/09/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/1 Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html Vendor Advisory
http://www.openwall.com/lists/oss-security/2021/06/08/7 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/09/2 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/1 Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:intel:brand_verification_tool:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:intel:pentium_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:pentium_processors:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:intel:celeron_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:celeron_processors:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:intel:xeon_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:xeon_processors:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:intel:core_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_processors:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:intel:itanium_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:itanium_processors:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:41

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2021/06/08/7 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2021/06/08/7 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2021/06/09/2 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2021/06/09/2 - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2021/06/10/1 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2021/06/10/1 - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/ -
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html - Vendor Advisory
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html - Vendor Advisory

01 Jul 2021, 16:57

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 6.5
CWE CWE-203
CPE cpe:2.3:h:intel:xeon_processors:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:core_processors:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:xeon_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:core_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:celeron_processors:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:pentium_processors:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:itanium_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:itanium_processors:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:pentium_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:intel:celeron_processors_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:intel:brand_verification_tool:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
References (MLIST) http://www.openwall.com/lists/oss-security/2021/06/08/7 - (MLIST) http://www.openwall.com/lists/oss-security/2021/06/08/7 - Mailing List, Third Party Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2021/06/09/2 - (MLIST) http://www.openwall.com/lists/oss-security/2021/06/09/2 - Mailing List, Third Party Advisory
References (CONFIRM) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html - (CONFIRM) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html - Vendor Advisory
References (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html - (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html - Vendor Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2021/06/10/1 - (MLIST) http://www.openwall.com/lists/oss-security/2021/06/10/1 - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/ - Mailing List, Third Party Advisory

17 Jun 2021, 12:15

Type Values Removed Values Added
References
  • (MLIST) http://www.openwall.com/lists/oss-security/2021/06/08/7 -
  • (MLIST) http://www.openwall.com/lists/oss-security/2021/06/09/2 -
  • (CONFIRM) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html -
Summary Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access. Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

17 Jun 2021, 03:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/ -

16 Jun 2021, 23:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/ -

10 Jun 2021, 12:15

Type Values Removed Values Added
References
  • (MLIST) http://www.openwall.com/lists/oss-security/2021/06/10/1 -

09 Jun 2021, 20:19

Type Values Removed Values Added
New CVE

Information

Published : 2021-06-09 20:15

Updated : 2024-11-21 05:41


NVD link : CVE-2021-0086

Mitre link : CVE-2021-0086

CVE.ORG link : CVE-2021-0086


JSON object : View

Products Affected

intel

  • pentium_processors_firmware
  • celeron_processors_firmware
  • celeron_processors
  • itanium_processors
  • xeon_processors
  • core_processors_firmware
  • core_processors
  • itanium_processors_firmware
  • xeon_processors_firmware
  • brand_verification_tool
  • pentium_processors

fedoraproject

  • fedora
CWE
CWE-203

Observable Discrepancy