What is CVE-2021-33078?

CVE-2021-33078 is a vulnerability in the firmware of some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products that allows a privileged user to potentially enable denial of service via local access.

How severe is CVE-2021-33078?

CVE-2021-33078 has a severity rating of 4.7 out of 10, which is considered medium.

What is the affected software for CVE-2021-33078?

The affected software for CVE-2021-33078 includes Intel Optane Ssd Dc P4800x Firmware, Intel Optane Ssd Dc P4801x Firmware, Intel Optane Ssd P5800x Firmware, Intel Optane Memory H20 With Solid State Storage Firmware, Intel Optane Memory H10 With Solid State Storage Firmware, Intel Optane Ssd 905p Firmware, and Intel Optane Ssd 900p Firmware.

How can a privileged user potentially enable denial of service using CVE-2021-33078?

A privileged user can potentially enable denial of service by exploiting a race condition within a thread in the firmware of some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products through local access.

Where can I find more information about CVE-2021-33078?

You can find more information about CVE-2021-33078 in the Intel Security Center Advisory and the Solidigm SA-000563 document.

Vulnerability/
CVE-2021-33078

medium

4.7

CWE

362

12/5/2022

6/10/2022

CVE-2021-33078: Race Condition

First published: Thu May 12 2022(Updated: )

Race condition within a thread in firmware for some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Optane Ssd Dc P4800x Firmware	<e2010600
Intel Optane Ssd Dc P4800x
Intel Optane Ssd Dc P4801x Firmware	<e2010600
Intel Optane Ssd Dc P4801x
Intel Optane Ssd P5800x Firmware	<l0310200
Intel Optane Ssd P5800x
Intel Optane Memory H20 With Solid State Storage Firmware	<pgf028k
Intel Optane Memory H20 With Solid State Storage
Intel Optane Memory H10 With Solid State Storage Firmware	<tgf061k
Intel Optane Memory H10 With Solid State Storage
Intel Optane Ssd 905p Firmware	<fw600
Intel Optane Ssd 905p
Intel Optane Ssd 900p Firmware	<fw600
Intel Optane Ssd 900p

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-33078?
CVE-2021-33078 is a vulnerability in the firmware of some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products that allows a privileged user to potentially enable denial of service via local access.
How severe is CVE-2021-33078?
CVE-2021-33078 has a severity rating of 4.7 out of 10, which is considered medium.
What is the affected software for CVE-2021-33078?
The affected software for CVE-2021-33078 includes Intel Optane Ssd Dc P4800x Firmware, Intel Optane Ssd Dc P4801x Firmware, Intel Optane Ssd P5800x Firmware, Intel Optane Memory H20 With Solid State Storage Firmware, Intel Optane Memory H10 With Solid State Storage Firmware, Intel Optane Ssd 905p Firmware, and Intel Optane Ssd 900p Firmware.
How can a privileged user potentially enable denial of service using CVE-2021-33078?
A privileged user can potentially enable denial of service by exploiting a race condition within a thread in the firmware of some Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products through local access.
Where can I find more information about CVE-2021-33078?
You can find more information about CVE-2021-33078 in the Intel Security Center Advisory and the Solidigm SA-000563 document.