Bug 2049558 (CVE-2021-33120)

Summary: CVE-2021-33120 microcode: Out of bounds read for some Intel Atom processors
Product: [Other] Security Response Reporter: Petr Matousek <pmatouse>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in microcode. An out-of-bounds read under a complex microarchitectural condition in the memory subsystem for some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure or cause a denial of service via network access.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2049561, 2049562, 2049563, 2049564, 2049565, 2049566, 2049567, 2049568, 2049569, 2049570, 2049571    
Bug Blocks: 2049526    

Description Petr Matousek 2022-02-02 11:51:49 UTC 
Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. Under complex microarchitectural conditions user to supervisor page fault can be potentially missed which cause a malicious application to read some portion of operating system memory or could cause temporary denial of service.