CVE-2021-33078

CWE-362 — Race Condition3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.0%

top 89.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Optane Memory H10 With Solid State Storage Firmware Intel Optane Memory H20 With Solid State Storage Firmware Intel Optane SSD 900p Firmware +4 more

Timeline

PublishedMay 12

Latest updateMay 13

Description

Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages8 packages

▶NVDintel/optane_ssd_900p_firmware< fw600

▶NVDintel/optane_ssd_905p_firmware< fw600

▶NVDintel/optane_ssd_p5800x_firmware< l0310200

▶NVDintel/optane_ssd_dc_p4800x_firmware< e2010600

▶NVDintel/optane_ssd_dc_p4801x_firmware< e2010600

🔴Vulnerability Details

GHSA

GHSA-jjvq-hm2p-4f2w: Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially en↗2022-05-13

▶

CVEList

CVE-2021-33078: Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially en↗2022-05-12

▶