Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-31315HistoryAug 12, 2024 - 1:38 p.m.
CVE-2023-31315
2024-08-1213:38:10
Debian Security Bug Tracker
security-tracker.debian.org
9
improper validation
model specific register
smm configuration
arbitrary code execution
unix
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0
Percentile
9.5%
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | amd64-microcode | < 3.20240710.2~deb12u1 | amd64-microcode_3.20240710.2~deb12u1_all.deb |
| Debian | 11 | all | amd64-microcode | < 3.20240710.2~deb11u1 | amd64-microcode_3.20240710.2~deb11u1_all.deb |
| Debian | 999 | all | amd64-microcode | < 3.20240710.1 | amd64-microcode_3.20240710.1_all.deb |
| Debian | 13 | all | amd64-microcode | < 3.20240710.1 | amd64-microcode_3.20240710.1_all.deb |
Related
nessus
nessus
Oracle Linux 8 : linux-firmware (ELSA-2024-12580)
2024-08-09 00:00:00
SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2024:2911-1)
2024-08-15 00:00:00
RHEL 7 : linux-firmware (RHSA-2024:5982)
2024-08-28 00:00:00
freebsd
freebsd
AMD CPUs -- Guest Memory Vulnerabilities
2024-08-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2944-1)
2024-08-19 00:00:00
openSUSE: Security Advisory for kernel (SUSE-SU-2024:3081-1)
2024-09-04 00:00:00
Fedora: Security Advisory (FEDORA-2024-3dbf10c949)
2024-09-17 00:00:00
amazon
amazon
Important: linux-firmware
2024-08-14 19:06:00
vulnrichment
vulnrichment
CVE-2023-31315
2024-08-09 17:08:24
redhatcve
redhatcve
CVE-2023-31315
2024-08-12 10:29:35
amd
amd
SMM Lock Bypass
2024-08-09 00:00:00
osv
osv
Security update for kernel-firmware
2024-08-16 11:08:39
Security update for kernel-firmware
2024-08-14 14:18:02
kernel-firmware-all-20240809-1.1 on GA media
2024-08-14 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: linux-firmware-20240909-1.fc39
2024-09-17 02:08:06
[SECURITY] Fedora 40 Update: linux-firmware-20240909-1.fc40
2024-09-11 01:25:48
[SECURITY] Fedora 41 Update: linux-firmware-20240909-1.fc41
2024-09-17 00:15:37
redhat
redhat
(RHSA-2024:5980) Important: linux-firmware security update
2024-08-29 00:03:32
(RHSA-2024:5982) Important: linux-firmware security update
2024-08-29 00:03:39
(RHSA-2024:5978) Important: linux-firmware security update
2024-08-29 00:03:24
oraclelinux
oraclelinux
linux-firmware security update
2024-08-08 00:00:00
linux-firmware security update
2024-08-08 00:00:00
linux-firmware security update
2024-08-08 00:00:00
cvelist
cvelist
CVE-2023-31315
2024-08-09 17:08:24
nvd
nvd
CVE-2023-31315
2024-08-12 13:38:10
cve
cve
CVE-2023-31315
2024-08-12 13:38:10
thn
thn
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
2024-08-13 14:02:00
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0
Percentile
9.5%
Related for DEBIANCVE:CVE-2023-31315