CVE-2021-0001
First published: Wed Jun 09 2021(Updated: )
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel IPP Cryptography | =2019 | |
| Intel IPP Cryptography | =2019-update_1 | |
| Intel IPP Cryptography | =2019-update_2 | |
| Intel IPP Cryptography | =2019-update_3 | |
| Intel IPP Cryptography | =2019-update_4 | |
| Intel IPP Cryptography | =2020 | |
| Intel sgx dcap linux | <=1.10.100.4 | |
| Intel sgx dcap windows | <=1.10.100.4 | |
| Intel sgx psw windows | <=2.12.100.4 | |
| Intel sgx psw linux | <=2.13.100.4 | |
| Intel sgx sdk windows | <=2.12.100.4 | |
| Intel sgx sdk linux | <=2.13.100.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-0001?
CVE-2021-0001 is a vulnerability in Intel(R) IPP before version 2020 update 1 that may allow an authorized user to potentially enable information disclosure via local access.
Is my version of Intel Integrated Performance Primitives Cryptography affected?
Yes, if you are using Intel Integrated Performance Primitives Cryptography version 2019 through 2019-update_4.
Is my version of Intel Sgx Dcap affected?
Yes, if you are using Intel Sgx Dcap version up to and including 1.10.100.4.
Is my version of Intel Sgx Psw affected?
Yes, if you are using Intel Sgx Psw version up to and including 2.12.100.4.
Is my version of Intel Sgx Sdk affected?
Yes, if you are using Intel Sgx Sdk version up to and including 2.12.100.4.
What is the severity of CVE-2021-0001?
CVE-2021-0001 has a severity rating of 4.7 (medium).
Where can I find more information about CVE-2021-0001?
You can find more information about CVE-2021-0001 at the following link: [Intel Security Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html).
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel ipp cryptography
- version/intel ipp cryptography/2019
- version/intel ipp cryptography/2019-update_1
- version/intel ipp cryptography/2019-update_2
- version/intel ipp cryptography/2019-update_3
- version/intel ipp cryptography/2019-update_4
- version/intel ipp cryptography/2020
- canonical/intel sgx dcap linux
- version/intel sgx dcap linux/1.10.100.4
- canonical/intel sgx dcap windows
- version/intel sgx dcap windows/1.10.100.4
- canonical/intel sgx psw windows
- version/intel sgx psw windows/2.12.100.4
- canonical/intel sgx psw linux
- version/intel sgx psw linux/2.13.100.4
- canonical/intel sgx sdk windows
- version/intel sgx sdk windows/2.12.100.4
- canonical/intel sgx sdk linux
- version/intel sgx sdk linux/2.13.100.4