CVE-2021-33117
First published: Thu May 12 2022(Updated: )
Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.
Credit: secure@intel.com secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel BIOS | <mr7 | |
| Intel Xeon Gold 5315y | ||
| Intel Xeon Gold 5317 | ||
| Intel Xeon Gold 5318h | ||
| Intel Xeon Gold 5318n | ||
| Intel Xeon Gold 5318s | ||
| Intel Xeon Gold 5318y | ||
| Intel Xeon Gold 5320 | ||
| Intel Xeon Gold 5320h | ||
| Intel Xeon Gold 5320t | ||
| Intel Xeon Gold 6312u | ||
| Intel Xeon Gold 6314u | ||
| Intel Xeon Gold 6326 | ||
| Intel Xeon Gold 6328h | ||
| Intel Xeon Gold 6328hl | ||
| Intel Xeon Gold 6330 | ||
| Intel Xeon Gold 6330h | ||
| Intel Xeon Gold 6330n | ||
| Intel Xeon Gold 6334 | ||
| Intel Xeon Gold 6336y | ||
| Intel Xeon Gold 6338 | ||
| Intel Xeon Gold 6338n | ||
| Intel Xeon Gold 6338t | ||
| Intel Xeon Gold 6342 | ||
| Intel Xeon Gold 6346 | ||
| Intel Xeon Gold 6348 | ||
| Intel Xeon Gold 6348h | ||
| Intel Xeon Gold 6354 | ||
| Intel Xeon Platinum 8351n | ||
| Intel Xeon Platinum 8352m | ||
| Intel Xeon Platinum 8352s | ||
| Intel Xeon Platinum 8352v | ||
| Intel Xeon Platinum 8352y | ||
| Intel Xeon Platinum 8353h | ||
| Intel Xeon Platinum 8354h | ||
| Intel Xeon Platinum 8356h | ||
| Intel Xeon Platinum 8358 | ||
| Intel Xeon Platinum 8358p | ||
| Intel Xeon Platinum 8360h | ||
| Intel Xeon Platinum 8360hl | ||
| Intel Xeon Platinum 8360y | ||
| Intel Xeon Platinum 8362 | ||
| Intel Xeon Platinum 8368 | ||
| Intel Xeon Platinum 8368q | ||
| Intel Xeon Platinum 8376h | ||
| Intel Xeon Platinum 8376hl | ||
| Intel Xeon Platinum 8380 | ||
| Intel Xeon Platinum 8380h | ||
| Intel Xeon Platinum 8380hl | ||
| Intel Xeon Silver 4309y | ||
| Intel Xeon Silver 4310 | ||
| Intel Xeon Silver 4310t | ||
| Intel Xeon Silver 4314 | ||
| Intel Xeon Silver 4316 | ||
| Netapp Fas\/aff Bios | ||
| All of | ||
| Intel BIOS | <mr7 | |
| Any of | ||
| Intel Xeon Gold 5315y | ||
| Intel Xeon Gold 5317 | ||
| Intel Xeon Gold 5318h | ||
| Intel Xeon Gold 5318n | ||
| Intel Xeon Gold 5318s | ||
| Intel Xeon Gold 5318y | ||
| Intel Xeon Gold 5320 | ||
| Intel Xeon Gold 5320h | ||
| Intel Xeon Gold 5320t | ||
| Intel Xeon Gold 6312u | ||
| Intel Xeon Gold 6314u | ||
| Intel Xeon Gold 6326 | ||
| Intel Xeon Gold 6328h | ||
| Intel Xeon Gold 6328hl | ||
| Intel Xeon Gold 6330 | ||
| Intel Xeon Gold 6330h | ||
| Intel Xeon Gold 6330n | ||
| Intel Xeon Gold 6334 | ||
| Intel Xeon Gold 6336y | ||
| Intel Xeon Gold 6338 | ||
| Intel Xeon Gold 6338n | ||
| Intel Xeon Gold 6338t | ||
| Intel Xeon Gold 6342 | ||
| Intel Xeon Gold 6346 | ||
| Intel Xeon Gold 6348 | ||
| Intel Xeon Gold 6348h | ||
| Intel Xeon Gold 6354 | ||
| Intel Xeon Platinum 8351n | ||
| Intel Xeon Platinum 8352m | ||
| Intel Xeon Platinum 8352s | ||
| Intel Xeon Platinum 8352v | ||
| Intel Xeon Platinum 8352y | ||
| Intel Xeon Platinum 8353h | ||
| Intel Xeon Platinum 8354h | ||
| Intel Xeon Platinum 8356h | ||
| Intel Xeon Platinum 8358 | ||
| Intel Xeon Platinum 8358p | ||
| Intel Xeon Platinum 8360h | ||
| Intel Xeon Platinum 8360hl | ||
| Intel Xeon Platinum 8360y | ||
| Intel Xeon Platinum 8362 | ||
| Intel Xeon Platinum 8368 | ||
| Intel Xeon Platinum 8368q | ||
| Intel Xeon Platinum 8376h | ||
| Intel Xeon Platinum 8376hl | ||
| Intel Xeon Platinum 8380 | ||
| Intel Xeon Platinum 8380h | ||
| Intel Xeon Platinum 8380hl | ||
| Intel Xeon Silver 4309y | ||
| Intel Xeon Silver 4310 | ||
| Intel Xeon Silver 4310t | ||
| Intel Xeon Silver 4314 | ||
| Intel Xeon Silver 4316 | ||
| debian/intel-microcode | 3.20240813.1~deb11u1 3.20231114.1~deb11u1 3.20240910.1~deb12u1 3.20231114.1~deb12u1 3.20240910.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security.netapp.com/advisory/ntap-20220818-0001/
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00586.html
- https://launchpad.net/bugs/cve/CVE-2021-33117
- https://security-tracker.debian.org/tracker/CVE-2021-33117
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33117
- https://nvd.nist.gov/vuln/detail/CVE-2021-33117
- https://ubuntu.com/security/CVE-2021-33117
Frequently Asked Questions
What is CVE-2021-33117?
CVE-2021-33117 is a vulnerability related to improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7.
How does CVE-2021-33117 impact systems?
CVE-2021-33117 may allow a local attacker to potentially enable information disclosure via local access.
Which software versions are affected by CVE-2021-33117?
The affected software versions include 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7.
How can I fix CVE-2021-33117 on Ubuntu?
To fix CVE-2021-33117 on Ubuntu, update the 'intel-microcode' package to version 3.20220207.1 or later.
How can I fix CVE-2021-33117 on Debian?
To fix CVE-2021-33117 on Debian, update the 'intel-microcode' package to one of the following versions: 3.20220510.1~deb10u1, 3.20230808.1~deb10u1, 3.20230214.1~deb11u1, 3.20230808.1~deb11u1, 3.20230512.1, or 3.20230808.1~deb12u1.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/intel
- canonical/intel bios
- canonical/intel xeon gold 5315y
- canonical/intel xeon gold 5317
- canonical/intel xeon gold 5318h
- canonical/intel xeon gold 5318n
- canonical/intel xeon gold 5318s
- canonical/intel xeon gold 5318y
- canonical/intel xeon gold 5320
- canonical/intel xeon gold 5320h
- canonical/intel xeon gold 5320t
- canonical/intel xeon gold 6312u
- canonical/intel xeon gold 6314u
- canonical/intel xeon gold 6326
- canonical/intel xeon gold 6328h
- canonical/intel xeon gold 6328hl
- canonical/intel xeon gold 6330
- canonical/intel xeon gold 6330h
- canonical/intel xeon gold 6330n
- canonical/intel xeon gold 6334
- canonical/intel xeon gold 6336y
- canonical/intel xeon gold 6338
- canonical/intel xeon gold 6338n
- canonical/intel xeon gold 6338t
- canonical/intel xeon gold 6342
- canonical/intel xeon gold 6346
- canonical/intel xeon gold 6348
- canonical/intel xeon gold 6348h
- canonical/intel xeon gold 6354
- canonical/intel xeon platinum 8351n
- canonical/intel xeon platinum 8352m
- canonical/intel xeon platinum 8352s
- canonical/intel xeon platinum 8352v
- canonical/intel xeon platinum 8352y
- canonical/intel xeon platinum 8353h
- canonical/intel xeon platinum 8354h
- canonical/intel xeon platinum 8356h
- canonical/intel xeon platinum 8358
- canonical/intel xeon platinum 8358p
- canonical/intel xeon platinum 8360h
- canonical/intel xeon platinum 8360hl
- canonical/intel xeon platinum 8360y
- canonical/intel xeon platinum 8362
- canonical/intel xeon platinum 8368
- canonical/intel xeon platinum 8368q
- canonical/intel xeon platinum 8376h
- canonical/intel xeon platinum 8376hl
- canonical/intel xeon platinum 8380
- canonical/intel xeon platinum 8380h
- canonical/intel xeon platinum 8380hl
- canonical/intel xeon silver 4309y
- canonical/intel xeon silver 4310
- canonical/intel xeon silver 4310t
- canonical/intel xeon silver 4314
- canonical/intel xeon silver 4316
- vendor/netapp
- canonical/netapp fas\/aff bios
- package-manager/debian