Debian Intel-Microcode vulnerabilities

90 known vulnerabilities affecting debian/intel-microcode.

Total CVEs

90

CISA KEV

0

Public exploits

2

Exploited in wild

1

Severity breakdown

HIGH21MEDIUM66LOW3

Vulnerabilities

Page 4 of 5

CVE-2022-33972MEDIUMCVSS 6.1fixed in intel-microcode 3.20230214.1 (bookworm)2022

CVE-2022-33972 [MEDIUM] CVE-2022-33972: intel-microcode - Incorrect calculation in microcode keying mechanism for some 3rd Generation Inte... Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20230214.1) bullseye: resolved (fixed in 3.20230214.1~deb11u1) forky: resolved (fixed in 3.20230214.1) sid: re

CVE-2022-38090MEDIUMCVSS 6.0fixed in intel-microcode 3.20230214.1 (bookworm)2022

CVE-2022-38090 [MEDIUM] CVE-2022-38090: intel-microcode - Improper isolation of shared resources in some Intel(R) Processors when using In... Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20230214.1) bullseye: resolved (fixed in 3.20230214.1~deb11u1) forky: resolved (fixed in 3.20230214.1) sid: re

CVE-2022-21123MEDIUMCVSS 5.5fixed in intel-microcode 3.20220510.1 (bookworm)2022

CVE-2022-21123 [MEDIUM] CVE-2022-21123: intel-microcode - Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may... Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20220510.1) bullseye: resolved (fixed in 3.20220510.1~deb11u1) forky: resolved (fixed in 3.20220510.1) sid: resolved (fixed in 3.20220510.1) t

CVE-2021-0127MEDIUMCVSS 5.5fixed in intel-microcode 3.20220207.1 (bookworm)2021

CVE-2021-0127 [MEDIUM] CVE-2021-0127: intel-microcode - Insufficient control flow management in some Intel(R) Processors may allow an au... Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. Scope: local bookworm: resolved (fixed in 3.20220207.1) bullseye: resolved (fixed in 3.20220207.1~deb11u1) forky: resolved (fixed in 3.20220207.1) sid: resolved (fixed in 3.20220207.1) trixie: resolved (

CVE-2021-0145MEDIUMCVSS 5.5fixed in intel-microcode 3.20220207.1 (bookworm)2021

CVE-2021-0145 [MEDIUM] CVE-2021-0145: intel-microcode - Improper initialization of shared resources in some Intel(R) Processors may allo... Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20220207.1) bullseye: resolved (fixed in 3.20220207.1~deb11u1) forky: resolved (fixed in 3.20220207.1) sid: resolved (fixed in 3.20220207.1) trixie:

CVE-2021-33120MEDIUMCVSS 5.4fixed in intel-microcode 3.20220207.1 (bookworm)2021

CVE-2021-33120 [MEDIUM] CVE-2021-33120: intel-microcode - Out of bounds read under complex microarchitectural condition in memory subsyste... Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. Scope: local bookworm: resolved (fixed in 3.20220207.1) bullseye: resolved (fixed in 3.20220207.1~deb11u1) forky: resolve

CVE-2021-33117MEDIUMCVSS 5.5fixed in intel-microcode 3.20220207.1 (bookworm)2021

CVE-2021-33117 [MEDIUM] CVE-2021-33117: intel-microcode - Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Proces... Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20220207.1) bullseye: resolved (fixed in 3.20220207.1~deb11u1) forky: resolved (fixed in 3.20220207.1) sid: resolv

CVE-2020-24489HIGHCVSS 8.8fixed in intel-microcode 3.20210608.1 (bookworm)2020

CVE-2020-24489 [HIGH] CVE-2020-24489: intel-microcode - Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated use... Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. Scope: local bookworm: resolved (fixed in 3.20210608.1) bullseye: resolved (fixed in 3.20210608.1) forky: resolved (fixed in 3.20210608.1) sid: resolved (fixed in 3.20210608.1) trixie: resolved (fixed in 3.20210608

CVE-2020-8698MEDIUMCVSS 5.5fixed in intel-microcode 3.20201110.1 (bookworm)2020

CVE-2020-8698 [MEDIUM] CVE-2020-8698: intel-microcode - Improper isolation of shared resources in some Intel(R) Processors may allow an ... Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20201110.1) bullseye: resolved (fixed in 3.20201110.1) forky: resolved (fixed in 3.20201110.1) sid: resolved (fixed in 3.20201110.1) trixie: resolved (fix

CVE-2020-24511MEDIUMCVSS 6.5fixed in intel-microcode 3.20210608.1 (bookworm)2020

CVE-2020-24511 [MEDIUM] CVE-2020-24511: intel-microcode - Improper isolation of shared resources in some Intel(R) Processors may allow an ... Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20210608.1) bullseye: resolved (fixed in 3.20210608.1) forky: resolved (fixed in 3.20210608.1) sid: resolved (fixed in 3.20210608.1) trixie: resolved (f

CVE-2020-8695MEDIUMCVSS 5.5fixed in intel-microcode 3.20201110.1 (bookworm)2020

CVE-2020-8695 [MEDIUM] CVE-2020-8695: intel-microcode - Observable discrepancy in the RAPL interface for some Intel(R) Processors may al... Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20201110.1) bullseye: resolved (fixed in 3.20201110.1) forky: resolved (fixed in 3.20201110.1) sid: resolved (fixed in 3.20201110.1) trixie: resolved (

CVE-2020-0548MEDIUMCVSS 5.5fixed in intel-microcode 3.20200609.1 (bookworm)2020

CVE-2020-0548 [MEDIUM] CVE-2020-0548: intel-microcode - Cleanup errors in some Intel(R) Processors may allow an authenticated user to po... Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20200609.1) bullseye: resolved (fixed in 3.20200609.1) forky: resolved (fixed in 3.20200609.1) sid: resolved (fixed in 3.20200609.1) trixie: resolved (fixed in 3.20200609.1)

CVE-2020-24513MEDIUMCVSS 6.5fixed in intel-microcode 3.20210608.1 (bookworm)2020

CVE-2020-24513 [MEDIUM] CVE-2020-24513: intel-microcode - Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors... Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20210608.1) bullseye: resolved (fixed in 3.20210608.1) forky: resolved (fixed in 3.20210608.1) sid: resolved (fixed in 3.20210608.1) trixi

CVE-2020-8696MEDIUMCVSS 5.5fixed in intel-microcode 3.20201110.1 (bookworm)2020

CVE-2020-8696 [MEDIUM] CVE-2020-8696: intel-microcode - Improper removal of sensitive information before storage or transfer in some Int... Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20201110.1) bullseye: resolved (fixed in 3.20201110.1) forky: resolved (fixed in 3.20201110.1) sid: resolved (fixed in 3.202

CVE-2020-0549MEDIUMCVSS 5.5fixed in intel-microcode 3.20200609.1 (bookworm)2020

CVE-2020-0549 [MEDIUM] CVE-2020-0549: intel-microcode - Cleanup errors in some data cache evictions for some Intel(R) Processors may all... Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20200609.1) bullseye: resolved (fixed in 3.20200609.1) forky: resolved (fixed in 3.20200609.1) sid: resolved (fixed in 3.20200609.1) trixie: resolve

CVE-2020-0543MEDIUMCVSS 5.5fixed in intel-microcode 3.20200609.1 (bookworm)2020

CVE-2020-0543 [MEDIUM] CVE-2020-0543: intel-microcode - Incomplete cleanup from specific special register read operations in some Intel(... Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20200609.1) bullseye: resolved (fixed in 3.20200609.1) forky: resolved (fixed in 3.20200609.1) sid: resolved (fixed in 3.202006

CVE-2020-24512LOWCVSS 3.3fixed in intel-microcode 3.20210608.1 (bookworm)2020

CVE-2020-24512 [LOW] CVE-2020-24512: intel-microcode - Observable timing discrepancy in some Intel(R) Processors may allow an authentic... Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Scope: local bookworm: resolved (fixed in 3.20210608.1) bullseye: resolved (fixed in 3.20210608.1) forky: resolved (fixed in 3.20210608.1) sid: resolved (fixed in 3.20210608.1) trixie: resolved (fixed in 3.20

CVE-2019-11135MEDIUMCVSS 6.5fixed in intel-microcode 3.20191112.1 (bookworm)2019

CVE-2019-11135 [MEDIUM] CVE-2019-11135: intel-microcode - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution ma... TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Scope: local bookworm: resolved (fixed in 3.20191112.1) bullseye: resolved (fixed in 3.20191112.1) forky: resolved (fixed in 3.20191112.1) sid: resolved (fixed in 3.

CVE-2019-11139MEDIUMCVSS 6.0fixed in intel-microcode 3.20191112.1 (bookworm)2019

CVE-2019-11139 [MEDIUM] CVE-2019-11139: intel-microcode - Improper conditions check in the voltage modulation interface for some Intel(R) ... Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. Scope: local bookworm: resolved (fixed in 3.20191112.1) bullseye: resolved (fixed in 3.20191112.1) forky: resolved (fixed in 3.20191112.1) sid: resolved (fixed in 3

CVE-2019-11091MEDIUMCVSS 5.6fixed in intel-microcode 3.20190514.1 (bookworm)2019

CVE-2019-11091 [MEDIUM] CVE-2019-11091: intel-microcode - Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory ... Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents

← Previous4 / 5Next →