AMD Speculative execution with Floating-Point Value Injection
CVE-2021-26314

5.5MEDIUM

Key Information:

Vendor: Amd
Status: All Supported Processors
Vendor: CVE Published:; 9 June 2021

What is CVE-2021-26314?

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.

Affected Version(s)

All supported processors < unspecified

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2021/06/09/2

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2021/06/10/1

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2021
Vulnerability Reserved
Jan 29, 2021

Amd

What is CVE-2021-26314?

Affected Version(s)

References

CVSS V3.1

Timeline