{"containers": {"cna": {"affected": [{"product": "Intel(R) 82599 Ethernet Controllers and Adapters", "vendor": "n/a", "versions": [{"status": "affected", "version": "See references"}]}], "descriptions": [{"lang": "en", "value": "Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access."}], "problemTypes": [{"descriptions": [{"description": " denial of service ", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-10T09:07:35.000Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-33096", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Intel(R) 82599 Ethernet Controllers and Adapters", "version": {"version_data": [{"version_value": "See references"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": " denial of service "}]}]}, "references": {"reference_data": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html"}, {"name": "https://security.netapp.com/advisory/ntap-20220210-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220210-0010/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:42:19.600Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-668", "lang": "en", "description": "CWE-668 Exposure of Resource to Wrong Sphere"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-23T13:21:31.813800Z", "id": "CVE-2021-33096", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T16:51:25.314Z"}}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-33096", "datePublished": "2022-02-09T22:04:36.000Z", "dateReserved": "2021-05-18T00:00:00.000Z", "dateUpdated": "2025-05-05T16:51:25.314Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20220210-0010/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:42:19.600Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-33096", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-23T13:21:31.813800Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-668", "description": "CWE-668 Exposure of Resource to Wrong Sphere"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T13:14:17.791Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "Intel(R) 82599 Ethernet Controllers and Adapters", "versions": [{"status": "affected", "version": "See references"}]}], "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "tags": ["x_refsource_MISC"]}, {"url": "https://security.netapp.com/advisory/ntap-20220210-0010/", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": " denial of service "}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2022-02-10T09:07:35.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "See references"}]}, "product_name": "Intel(R) 82599 Ethernet Controllers and Adapters"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "refsource": "MISC"}, {"url": "https://security.netapp.com/advisory/ntap-20220210-0010/", "name": "https://security.netapp.com/advisory/ntap-20220210-0010/", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": " denial of service "}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-33096", "STATE": "PUBLIC", "ASSIGNER": "[email protected]"}}}}, "cveMetadata": {"cveId": "CVE-2021-33096", "state": "PUBLISHED", "dateUpdated": "2025-05-05T16:51:25.314Z", "dateReserved": "2021-05-18T00:00:00.000Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2022-02-09T22:04:36.000Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:82599en_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "42AA6DEC-28E4-491A-AAC6-2A23F71D84F5", "versionEndExcluding": "5.13.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:82599en:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE9C1A51-1958-44B6-BF2A-9E6F495C16BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:82599eb_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D2E7DF1-8D81-4AE4-B6A1-EA3EF8B8E109", "versionEndExcluding": "5.13.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:82599eb:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA7E69A5-1455-4689-B440-13BD039BDE67", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:82599es_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07074ACD-F9C0-4DD4-923D-F7C2233260F1", "versionEndExcluding": "5.13.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:82599es:-:*:*:*:*:*:*:*", "matchCriteriaId": "93EE194A-3044-47F9-89EE-5FE9C03127A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access."}, {"lang": "es", "value": "Un aislamiento inapropiado de los recursos compartidos en la red en chip para los controladores y adaptadores Ethernet Intel(R) 82599 puede permitir a un usuario autenticado habilitar potencialmente una denegaci\u00f3n de servicio por acceso local"}], "id": "CVE-2021-33096", "lastModified": "2025-05-05T17:17:07.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-02-09T23:15:15.267", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may lead to DoS", "id": "2024711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024711"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-668", "details": ["Improper isolation of shared resources in network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.", "A denial-of-service flaw was found due to improper isolation of shared resources in the network on chip for the Intel(R) 82599 Ethernet Controllers and Adapters. This may allow an authenticated user to potentially create a denial of service via local access."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2021-33096", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-02-18T06:30:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-33096\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-33096\nhttps://security.netapp.com/advisory/ntap-20220210-0010/"], "statement": "There was no shipped kernel version that was seen affected by this problem.", "threat_severity": "Moderate"}