Mageia 9: MGASA-2024-0377 critical: Intel microcode denial of service
mageia
November 27, 2024
Improper Finite State Machines (FSMs) in the Hardware logic in some 4th and 5th Generation Intel® Xeon® Processors may allow an authorized user to potentially enable denial of se...
Summary
Improper Finite State Machines (FSMs) in the Hardware logic in some 4th
and 5th Generation Intel® Xeon® Processors may allow an authorized user
to potentially enable denial of service via local access.
(CVE-2024-21853)
Improper conditions check in some Intel® Xeon® processor memory
controller configurations when using Intel® SGX may allow a privileged
user to potentially enable escalation of privilege via local access.
(CVE-2024-23918)
Incorrect default permissions in some Intel® Xeon® processor memory
controller configurations when using Intel® SGX may allow a privileged
user to potentially enable escalation of privilege via local access.
(CVE-2024-21820)
References
- https://bugs.mageia.org/show_bug.cgi?id=33770
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
- https://www.cve.org/CVERecord?id=CVE-2024-21853
- https://www.cve.org/CVERecord?id=CVE-2024-23918
- https://www.cve.org/CVERecord?id=CVE-2024-21820
Resolution
SRPMS
- 9/nonfree/microcode-0.20241112-1.mga9.nonfree
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 27 Nov 2024
URL: https://advisories.mageia.org/MGASA-2024-0377.html
Type: security
CVE: CVE-2024-21853,
CVE-2024-23918,
CVE-2024-21820
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!