rpm package
almalinux/microcode_ctl
pkg:rpm/almalinux/microcode_ctl
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28956 | Med | 5.6 | < 4:20250512-1.el8_10 | 4:20250512-1.el8_10 | May 13, 2025 | Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2024-39279 | Med | 6.5 | < 4:20250211-1.el9_6 | 4:20250211-1.el9_6 | Feb 12, 2025 | Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access. | |
| CVE-2024-31157 | Med | 5.3 | < 4:20250211-1.el9_6 | 4:20250211-1.el9_6 | Feb 12, 2025 | Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |
| CVE-2024-28047 | Med | 5.3 | < 4:20250211-1.el9_6 | 4:20250211-1.el9_6 | Feb 12, 2025 | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |
| CVE-2023-46103 | Med | 4.7 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | May 16, 2024 | Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. | |
| CVE-2023-45733 | Low | 2.8 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | May 16, 2024 | Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. | |
| CVE-2023-43490 | Med | 5.3 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | Mar 14, 2024 | Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. | |
| CVE-2023-39368 | Med | 6.5 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | Mar 14, 2024 | Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access. | |
| CVE-2023-38575 | Med | 5.5 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | Mar 14, 2024 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2023-28746 | Med | 6.5 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | Mar 14, 2024 | Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2023-22655 | Med | 6.1 | < 4:20240910-1.el9_5 | 4:20240910-1.el9_5 | Mar 14, 2024 | Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
- affected < 4:20250512-1.el8_10fixed 4:20250512-1.el8_10
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4:20250211-1.el9_6fixed 4:20250211-1.el9_6
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access.
- affected < 4:20250211-1.el9_6fixed 4:20250211-1.el9_6
Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- affected < 4:20250211-1.el9_6fixed 4:20250211-1.el9_6
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4:20240910-1.el9_5fixed 4:20240910-1.el9_5
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.