Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products. According to an advisory issued by the company on Tuesday, the bug is firmware-based and rated as “high” risk with a Common Vulnerability Scoring System (CVSS) score of 7. The vulnerability resides inside some of the Intel Optane SSD and Intel Optane Data Center (DC) products, the impact of which allows privilege escalation, denial of service (DoS), or information disclosure. Intel has released the firmware updates and prescriptive guidance for Optane SSD Bugs that first surfaced a year ago. Solid-state drives (SSD) are used for data storage. Intel optane memory is a system acceleration solution that is used to increase the response time to end-user requests, the Optane memory is installed between the processor and slower storage devices (SATA HDD, SSHD, SSD). The optane memory stores commonly used data and programs closer to the processor. The Intel Optane Data Center SSD is used to eliminate data center storage bottlenecks and provides storage for bigger and more affordable data sets, thus optimizing the overall performance. Vulnerability Details CVE-2021-33078 According to Intel, it has the CVSS base score of 7.9 and is described as a Race condition within a thread in Intel Optane SSD and Intel Optane SSD DC products. An attacker gaining privileged user access may perform a denial-of-service attack via local access. The race condition occurs when two thread tries…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2022-05-11 08:27:002022-05-11 08:27:00Intel Memory Bug Poses Risk for Hundreds of Products
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com