Debian 10: DLA-3379-1 Critical: Intel Microcode Privilege Escalation
debian lts
April 1, 2023
Multiple potential security vulnerabilities in some Intel® Processors have been found which may allow information disclosure or may allow escalation of privilege
Summary
CVE-2022-21216 (INTEL-SA-00700)
Insufficient granularity of access control in out-of-band
management in some Intel(R) Atom and Intel Xeon Scalable Processors
may allow a privileged user to potentially enable escalation of
privilege via adjacent network access.
CVE-2022-33196 (INTEL-SA-00738)
Incorrect default permissions in some memory controller
configurations for some Intel(R) Xeon(R) Processors when using
Intel(R) Software Guard Extensions which may allow a privileged user
to potentially enable escalation of privilege via local access.
This fix may require a firmware update to be effective on some
processors.
CVE-2022-33972 (INTEL-SA-00730)
Incorrect calculation in microcode keying mechanism for some 3rd
Generation Intel(R) Xeon(R) Scalable Processors may allow a
privileged user to potentially enable information disclosure via
local acces
CVE-2022-38090 (INTEL-SA-00767)
Improper isolation of shared resources in some Intel(R) Processors
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
-------------------------------------------------------------------------Package: intel-microcode
Version: 3.20230214.1~deb10u1
CVE ID: CVE-2022-21216 CVE-2022-21233 CVE-2022-33196 CVE-2022-33972
Debian Bug: 1031334
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!