First published: Thu May 12 2022(Updated: )
Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.
Credit: secure@intel.com secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel BIOS | <mr7 | |
Intel Xeon Gold 5315y | ||
Intel Xeon Gold 5317 | ||
Intel Xeon Gold 5318h | ||
Intel Xeon Gold 5318n | ||
Intel Xeon Gold 5318s | ||
Intel Xeon Gold 5318y | ||
Intel Xeon Gold 5320 | ||
Intel Xeon Gold 5320h | ||
Intel Xeon Gold 5320t | ||
Intel Xeon Gold 6312u | ||
Intel Xeon Gold 6314u | ||
Intel Xeon Gold 6326 | ||
Intel Xeon Gold 6328h | ||
Intel Xeon Gold 6328hl | ||
Intel Xeon Gold 6330 | ||
Intel Xeon Gold 6330h | ||
Intel Xeon Gold 6330n | ||
Intel Xeon Gold 6334 | ||
Intel Xeon Gold 6336y | ||
Intel Xeon Gold 6338 | ||
Intel Xeon Gold 6338n | ||
Intel Xeon Gold 6338t | ||
Intel Xeon Gold 6342 | ||
Intel Xeon Gold 6346 | ||
Intel Xeon Gold 6348 | ||
Intel Xeon Gold 6348h | ||
Intel Xeon Gold 6354 | ||
Intel Xeon Platinum 8351n | ||
Intel Xeon Platinum 8352m | ||
Intel Xeon Platinum 8352s | ||
Intel Xeon Platinum 8352v | ||
Intel Xeon Platinum 8352y | ||
Intel Xeon Platinum 8353h | ||
Intel Xeon Platinum 8354h | ||
Intel Xeon Platinum 8356h | ||
Intel Xeon Platinum 8358 | ||
Intel Xeon Platinum 8358p | ||
Intel Xeon Platinum 8360h | ||
Intel Xeon Platinum 8360hl | ||
Intel Xeon Platinum 8360y | ||
Intel Xeon Platinum 8362 | ||
Intel Xeon Platinum 8368 | ||
Intel Xeon Platinum 8368q | ||
Intel Xeon Platinum 8376h | ||
Intel Xeon Platinum 8376hl | ||
Intel Xeon Platinum 8380 | ||
Intel Xeon Platinum 8380h | ||
Intel Xeon Platinum 8380hl | ||
Intel Xeon Silver 4309y | ||
Intel Xeon Silver 4310 | ||
Intel Xeon Silver 4310t | ||
Intel Xeon Silver 4314 | ||
Intel Xeon Silver 4316 | ||
Netapp Fas\/aff Bios | ||
All of | ||
Intel BIOS | <mr7 | |
Any of | ||
Intel Xeon Gold 5315y | ||
Intel Xeon Gold 5317 | ||
Intel Xeon Gold 5318h | ||
Intel Xeon Gold 5318n | ||
Intel Xeon Gold 5318s | ||
Intel Xeon Gold 5318y | ||
Intel Xeon Gold 5320 | ||
Intel Xeon Gold 5320h | ||
Intel Xeon Gold 5320t | ||
Intel Xeon Gold 6312u | ||
Intel Xeon Gold 6314u | ||
Intel Xeon Gold 6326 | ||
Intel Xeon Gold 6328h | ||
Intel Xeon Gold 6328hl | ||
Intel Xeon Gold 6330 | ||
Intel Xeon Gold 6330h | ||
Intel Xeon Gold 6330n | ||
Intel Xeon Gold 6334 | ||
Intel Xeon Gold 6336y | ||
Intel Xeon Gold 6338 | ||
Intel Xeon Gold 6338n | ||
Intel Xeon Gold 6338t | ||
Intel Xeon Gold 6342 | ||
Intel Xeon Gold 6346 | ||
Intel Xeon Gold 6348 | ||
Intel Xeon Gold 6348h | ||
Intel Xeon Gold 6354 | ||
Intel Xeon Platinum 8351n | ||
Intel Xeon Platinum 8352m | ||
Intel Xeon Platinum 8352s | ||
Intel Xeon Platinum 8352v | ||
Intel Xeon Platinum 8352y | ||
Intel Xeon Platinum 8353h | ||
Intel Xeon Platinum 8354h | ||
Intel Xeon Platinum 8356h | ||
Intel Xeon Platinum 8358 | ||
Intel Xeon Platinum 8358p | ||
Intel Xeon Platinum 8360h | ||
Intel Xeon Platinum 8360hl | ||
Intel Xeon Platinum 8360y | ||
Intel Xeon Platinum 8362 | ||
Intel Xeon Platinum 8368 | ||
Intel Xeon Platinum 8368q | ||
Intel Xeon Platinum 8376h | ||
Intel Xeon Platinum 8376hl | ||
Intel Xeon Platinum 8380 | ||
Intel Xeon Platinum 8380h | ||
Intel Xeon Platinum 8380hl | ||
Intel Xeon Silver 4309y | ||
Intel Xeon Silver 4310 | ||
Intel Xeon Silver 4310t | ||
Intel Xeon Silver 4314 | ||
Intel Xeon Silver 4316 | ||
debian/intel-microcode | 3.20240813.1~deb11u1 3.20240910.1~deb11u1 3.20240910.1~deb12u1 3.20231114.1~deb12u1 3.20241112.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-33117 is a vulnerability related to improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7.
CVE-2021-33117 may allow a local attacker to potentially enable information disclosure via local access.
The affected software versions include 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7.
To fix CVE-2021-33117 on Ubuntu, update the 'intel-microcode' package to version 3.20220207.1 or later.
To fix CVE-2021-33117 on Debian, update the 'intel-microcode' package to one of the following versions: 3.20220510.1~deb10u1, 3.20230808.1~deb10u1, 3.20230214.1~deb11u1, 3.20230808.1~deb11u1, 3.20230512.1, or 3.20230808.1~deb12u1.