#VU60493 Input validation error in Intel products - CVE-2021-0127
Published: February 10, 2022
Vulnerability identifier: #VU60493
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-0127
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Celeron Processor G Series
Intel Core X-series Processors
Intel Pentium Gold Processor Series
2nd Generation Intel Xeon Scalable Processors
3rd Generation Intel Xeon Scalable Processors
Intel Xeon W Processors
Intel Xeon Processor E Family
Intel Xeon Processor E3 v6 Family
Intel Xeon D Processors
Intel Xeon Platinum 81xxD
Intel Xeon Processor E3 v5 Family
9th Generation Intel Core Processors
Intel Xeon Scalable Processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Celeron Processor G Series
Intel Core X-series Processors
Intel Pentium Gold Processor Series
2nd Generation Intel Xeon Scalable Processors
3rd Generation Intel Xeon Scalable Processors
Intel Xeon W Processors
Intel Xeon Processor E Family
Intel Xeon Processor E3 v6 Family
Intel Xeon D Processors
Intel Xeon Platinum 81xxD
Intel Xeon Processor E3 v5 Family
9th Generation Intel Core Processors
Intel Xeon Scalable Processors
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient control flow management. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.