Ubuntu.comUB:CVE-2021-26314CVE-2021-26314
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
28.9%
Potential floating point value injection in all supported CPU products, in
conjunction with software vulnerabilities relating to speculative execution
with incorrect floating point results, may cause the use of incorrect data
from FPVI and may result in data leakage.
Notes
| Author | Note |
|---|---|
| mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
References
www.openwall.com/lists/oss-security/2021/06/09/2
www.openwall.com/lists/oss-security/2021/06/10/1
launchpad.net/bugs/cve/CVE-2021-26314
nvd.nist.gov/vuln/detail/CVE-2021-26314
security-tracker.debian.org/tracker/CVE-2021-26314
www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003
www.cve.org/CVERecord?id=CVE-2021-26314
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
28.9%