CVE-2023-39368 — Protection Mechanism Failure in Intel-microcode

CWE-693 — Protection Mechanism Failure8 documents7 sources

Severity

6.5MEDIUMNVD

OSV6.1

EPSS

0.2%

top 57.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Intel-microcode

Timeline

PublishedMar 14

Latest updateMay 29

Description

Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶debiandebian/intel-microcode< intel-microcode 3.20240312.1~deb12u1 (bookworm)

🔴Vulnerability Details

OSV

intel-microcode vulnerabilities↗2024-05-29

▶

OSV

CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of serv↗2024-03-14

▶

GHSA

GHSA-pvrq-gg3w-f695: Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of serv↗2024-03-14

▶

📋Vendor Advisories

Ubuntu

Intel Microcode vulnerabilities↗2024-05-29

▶

Red Hat

kernel: Possible Denial of Service on Intel(R) Processors↗2024-02-14

▶

Debian

CVE-2023-39368: intel-microcode - Protection mechanism failure of bus lock regulator for some Intel(R) Processors ...↗2023

▶

💬Community

Bugzilla

CVE-2023-39368 kernel: Possible Denial of Service on Intel(R) Processors↗2024-03-21

▶