1. Home
  2. CVE Database
  3. CVE-2021-26314
MEDIUM · 5.5

CVE-2021-26314

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause ...

Vulnerability Description

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
XenXenAll versions
AmdRyzen 5 5600X-
AmdRyzen 7 2700X-
AmdRyzen Threadripper 2990Wx-
ArmCortex-A72-
BroadcomBcm2711-
IntelCore I7-10700K-
IntelCore I7-7700K-
IntelCore I9-9900K-
IntelXeon Silver 4214-
FedoraprojectFedora33

Related Weaknesses (CWE)

CWE-208CWE-203

References

FAQ

What is CVE-2021-26314?

CVE-2021-26314 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause ...

How severe is CVE-2021-26314?

CVE-2021-26314 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-26314?

Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen, Amd Ryzen 5 5600X, Amd Ryzen 7 2700X, Amd Ryzen Threadripper 2990Wx, Arm Cortex-A72.