CVE-2024-37020 — Sequence of Processor Instructions Leads to Unexpected Behavior in Intel-microcode

CWE-1281 — Sequence of Processor Instructions Leads to Unexpected Behavior4 documents4 sources

Severity

4.8MEDIUMNVD

EPSS

0.0%

top 98.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Intel-microcode

Timeline

PublishedFeb 12

Latest updateFeb 13

Description

Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

▶debiandebian/intel-microcode< intel-microcode 3.20250211.1~deb12u1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-5gqq-8pmr-37wh: Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1↗2025-02-13

▶

OSV

CVE-2024-37020: Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1↗2025-02-12

▶

📋Vendor Advisories

Debian

CVE-2024-37020: intel-microcode - Sequence of processor instructions leads to unexpected behavior in the Intel(R) ...↗2024

▶