Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Debian 10 DLA-3808-1 Critical Intel Microcode Update Advisory

debian lts
Calendar Grey May 4, 2024
Dist Debian Esm H88
Debian LTS Advisory DLA-3809-1 pertains to openssl security vulnerabilities; updates are highly encouraged.
Intel has released microcode updates, addressing serveral vulnerabilties

Summary

CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation Intel(R)
Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow
a privileged user to potentially enable escalation of privilege via
local access.

CVE-2023-28746

Information exposure through microarchitectural state after
transient execution from some register files for some Intel(R)
Atom(R) Processors may allow an authenticated user to potentially
enable information disclosure via local access.

CVE-2023-38575

Non-transparent sharing of return predictor targets between contexts
in some Intel(R) Processors may allow an authorized user to
potentially enable information disclosure via local access.

CVE-2023-39368

Protection mechanism failure of bus lock regulator for some Intel(R)
Processors may allow an unauthenticated user to potentially enable
denial of service via network access.

CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some

Read the Full Advisory


Severity
critical
Lowest
Low
Medium
High
Critical

Package: intel-microcode
Version: 3.20240312.1~deb10u1
CVE ID: CVE-2023-22655 CVE-2023-28746 CVE-2023-38575 CVE-2023-39368
Debian Bug: 1066108

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here