rpm package

suse/ucode-intel&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (35)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-23918	Hig	8.8	< 20241112-1.1	20241112-1.1	Nov 13, 2024	Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-21853	Med	4.7	< 20241112-1.1	20241112-1.1	Nov 13, 2024	Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.
CVE-2024-21820	Hig	7.2	< 20241112-1.1	20241112-1.1	Nov 13, 2024	Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-24968	Med	5.3	< 20240910-1.1	20240910-1.1	Sep 16, 2024	Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
CVE-2024-23984	Med	5.3	< 20240910-1.1	20240910-1.1	Sep 16, 2024	Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-24853	Hig	7.2	< 20260210-1.1	20260210-1.1	Aug 14, 2024	Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-46103	Med	4.7	< 20240813-1.1	20240813-1.1	May 16, 2024	Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-45733	Low	2.8	< 20240813-1.1	20240813-1.1	May 16, 2024	Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.
CVE-2023-47855		—	< 20240813-1.1	20240813-1.1	May 16, 2024	Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-45745		—	< 20240813-1.1	20240813-1.1	May 16, 2024	Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-43490	Med	5.3	< 20240813-1.1	20240813-1.1	Mar 14, 2024	Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
CVE-2023-39368	Med	6.5	< 20240813-1.1	20240813-1.1	Mar 14, 2024	Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
CVE-2023-38575	Med	5.5	< 20240813-1.1	20240813-1.1	Mar 14, 2024	Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2023-28746	Med	6.5	< 20240813-1.1	20240813-1.1	Mar 14, 2024	Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-22655	Med	6.1	< 20240813-1.1	20240813-1.1	Mar 14, 2024	Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2024-23918HigNov 13, 2024
affected < 20241112-1.1fixed 20241112-1.1
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-21853MedNov 13, 2024
affected < 20241112-1.1fixed 20241112-1.1
Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.
CVE-2024-21820HigNov 13, 2024
affected < 20241112-1.1fixed 20241112-1.1
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-24968MedSep 16, 2024
affected < 20240910-1.1fixed 20240910-1.1
Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
CVE-2024-23984MedSep 16, 2024
affected < 20240910-1.1fixed 20240910-1.1
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-24853HigAug 14, 2024
affected < 20260210-1.1fixed 20260210-1.1
Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-46103MedMay 16, 2024
affected < 20240813-1.1fixed 20240813-1.1
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-45733LowMay 16, 2024
affected < 20240813-1.1fixed 20240813-1.1
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.
CVE-2023-47855May 16, 2024
affected < 20240813-1.1fixed 20240813-1.1
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-45745May 16, 2024
affected < 20240813-1.1fixed 20240813-1.1
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-43490MedMar 14, 2024
affected < 20240813-1.1fixed 20240813-1.1
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
CVE-2023-39368MedMar 14, 2024
affected < 20240813-1.1fixed 20240813-1.1
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
CVE-2023-38575MedMar 14, 2024
affected < 20240813-1.1fixed 20240813-1.1
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVE-2023-28746MedMar 14, 2024
affected < 20240813-1.1fixed 20240813-1.1
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-22655MedMar 14, 2024
affected < 20240813-1.1fixed 20240813-1.1
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Page 2 of 2