CVE-2021-33075

CWE-362 — Race Condition3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.0%

top 89.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Optane Memory H10 With Solid State Storage Firmware Intel Optane Memory H20 With Solid State Storage Firmware Intel Optane SSD 900p Firmware +4 more

Timeline

PublishedMay 12

Latest updateMay 13

Description

Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages7 packages

▶NVDintel/optane_ssd_900p_firmware< fw600

▶NVDintel/optane_ssd_905p_firmware< fw600

▶NVDintel/optane_ssd_p5800x_firmware< l0310200

▶NVDintel/optane_ssd_dc_p4800x_firmware< e2010600

▶NVDintel/optane_ssd_dc_p4801x_firmware< e2010600

🔴Vulnerability Details

GHSA

GHSA-8v34-qr58-qgc2: Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to po↗2022-05-13

▶

CVEList

CVE-2021-33075: Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to po↗2022-05-12

▶