CVE-2021-0089

Опубликовано: 09 июн. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 2.1

EPSS Низкий

Описание

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Ссылки

http://www.openwall.com/lists/oss-security/2021/06/10/1
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/10
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/11
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/
https://security.gentoo.org/glsa/202107-30
Third Party Advisory
https://www.debian.org/security/2021/dsa-4931
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html
Vendor Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/1
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/10
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/10/11
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/
https://security.gentoo.org/glsa/202107-30
Third Party Advisory
https://www.debian.org/security/2021/dsa-4931
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:intel:pentium_processors_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_processors:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:intel:celeron_processors_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_processors:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:intel:xeon_processors_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:xeon_processors:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:intel:core_processors_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:core_processors:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:intel:itanium_processors_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:itanium_processors:-:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00057

Низкий

6.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-203

Связанные уязвимости

CVE-2021-0089

CVSS3: 6.5

ubuntu

больше 4 лет назад

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

CVE-2021-0089

CVSS3: 6.5

debian

больше 4 лет назад

Observable response discrepancy in some Intel(R) Processors may allow ...

GHSA-hhg2-c4p3-h55x

CVSS3: 6.5

github

больше 3 лет назад

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

BDU:2022-00254

CVSS3: 6.5

fstec

больше 4 лет назад

Уязвимость кроссплатформенного гипервизора Xen, связанная с раскрытием информации через несоответствие, позволяющая нарушителю получить доступ к конфиденциальным данным

SUSE-SU-2021:2943-1

suse-cvrf

больше 4 лет назад

Security update for xen

EPSS

Процентиль: 18%

0.00057

Низкий

6.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-203