Mageia 9: MGASA-2025-0068 critical: Intel Microcode Denial of Service

mageia

February 17, 2025

Improper Finite State Machines (FSMs) in Hardware Logic for some Intel® Processors may allow privileged user to potentially enable denial of service via local access

Summary

Improper Finite State Machines (FSMs) in Hardware Logic for some Intel® Processors may allow privileged user to potentially enable denial of service via local access. (CVE-2024-31068) Improper access control in the EDECCSSA user leaf function for some Intel® Processors with Intel® SGX may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-36293) Improper input validation in UEFI firmware for some Intel® processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-43758) Improper handling of physical or environmental conditions in some Intel® Processors may allow an authenticated user to enable denial of service via local access. (CVE-2024-39355) Sequence of processor instructions leads to unexpected behavior in the Intel® DSA V1.0 for some Intel® Xeon® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-37020)

References

- https://bugs.mageia.org/show_bug.cgi?id=34020

- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211

- https://www.cve.org/CVERecord?id=CVE-2024-31068

- https://www.cve.org/CVERecord?id=CVE-2024-36293

- https://www.cve.org/CVERecord?id=CVE-2023-43758

- https://www.cve.org/CVERecord?id=CVE-2024-39355

- https://www.cve.org/CVERecord?id=CVE-2024-37020

Topics Covered

security advisory denial of service access control security fix local access CVE microcode update Mageia Intel processor Intel processors

Resolution

SRPMS

- 9/nonfree/microcode-0.20250211-1.mga9.nonfree

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 17 Feb 2025

URL: https://advisories.mageia.org/MGASA-2025-0068.html

Type: security

CVE: CVE-2024-31068, CVE-2024-36293, CVE-2023-43758, CVE-2024-39355, CVE-2024-37020

Topics Covered

security advisory denial of service access control security fix local access CVE microcode update Mageia Intel processor Intel processors

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks