VDB
CVE-2021-26314
CVE-2021-26314
PUBLISHED
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.
EPSS 0.09% · 26.2th percentile
Risk Scores
EPSS Score
0.09%
26.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | xen | 4.17.3+10-g091466ba55-1.1ubuntu3, 4.17.3+10-g091466ba55-1.1ubuntu2, 4.17.3+10-g091466ba55-1 |
| Ubuntu:16.04:LTS | xen | 4.6.5-0ubuntu1.2, 4.6.0-1ubuntu4.1, 0 |
| Ubuntu:18.04:LTS | xen | 4.9.0-0ubuntu4, 4.9.2-0ubuntu1, 4.9.0-0ubuntu3 |
| Ubuntu:25.10 | xen | 0, 4.20.0+68-g35cb38b222-1, 4.20.0-1ubuntu1 |
| Ubuntu:20.04:LTS | xen | *, 4.11.3+24-g14b62ab3e5-1ubuntu1, 4.11.3+24-g14b62ab3e5-1ubuntu2.2 |
| Ubuntu:22.04:LTS | xen | 4.16.0-1~ubuntu2, 4.11.4+24-gddaaccbbab-1ubuntu2, 0 |
Exploit Intelligence
- http://www.openwall.com/lists/oss-security/2021/06/10/1 (nist-nvd)
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003 (circl)
- [oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass (circl)
- FEDORA-2021-41d4347447 (circl)
- FEDORA-2021-993693c914 (circl)
Timeline
- Jun 9, 2021 CVE Published
- Jun 10, 2021 EPSS Score
- Jun 17, 2021 EPSS Score
- Aug 11, 2021 EPSS Score
- Dec 10, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 9, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 11, 2022 EPSS Score
- Aug 12, 2022 EPSS Score
- Oct 11, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-26314 third-party-advisory
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003 third-party-advisory
- http://www.openwall.com/lists/oss-security/2021/06/09/2 third-party-advisory
- http://www.openwall.com/lists/oss-security/2021/06/10/1 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-26314 third-party-advisory