Bug 2023588 (CVE-2021-0158)
Summary: | CVE-2021-0158 kernel: improper input validation in the BIOS firmware | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, bhu, brdeoliv, bskeggs, chwhite, crwood, dhoward, dvlasenk, fhrbata, fpacheco, hdegoede, hkrzesin, jarod, jarodwilson, jburrell, jeremy, jforbes, jglisse, jlelli, jonathan, josef, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, nmurray, ptalbert, qzhao, rkeshri, rvrbovsk, steved, vkumar, walters, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A vulnerability was found in the BIOS firmware for some Intel(R) Processors caused by improper input validation. This flaw allows a user with local access to cause the device to elevate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-11-29 08:39:41 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2023590 | ||
Bug Blocks: | 2023585 |
Description
Dhananjay Arunesh
2021-11-16 05:47:44 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2023590] This appears to be something that intel is fixing in firmware, is there a kernel aspect to this that I am missing? In reply to comment #3: > This appears to be something that intel is fixing in firmware, is there a > kernel aspect to this that I am missing? Yes, Intel is fixing this with a firmware upgrade, there will be no workarounds or OS fixes for these issues. RHEL is marked not affected. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-0158 |