Lucene search

HP Product Security Response TeamHPSBHF03862

HistoryNov 20, 2023 - 12:00 a.m.

Intel® Virtual RAID on CPU (VROC) August 2023 Security Updates

2023-11-2000:00:00

HP Product Security Response Team

support.hp.com

intel

vroc

security

updates

privilege escalation

platforms

software

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Intel has informed HP of a potential security vulnerability identified in the Intel® Virtual RAID on CPU (VROC) software, which might allow escalation of privilege. Intel is releasing software updates to mitigate the potential vulnerability.

Intel has released updates to mitigate the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerabilities. See the affected platforms listed below.

Affected configurations

Vulners

Node

hphp_z4_g4_workstation_\(core-x\)Range<8.0.8.1001

hphp_z4_g4_workstation_\(xeon_w\)Range<8.0.8.1001

hphp_z4_g5_workstationRange<8.2.0.1985

hphp_z6_g4_workstationRange<8.0.8.1001

hphp_z6_g5_workstationRange<8.2.0.1985

hphp_z8_g4_workstationRange<8.0.8.1001

hphp_z8_g5_fury_workstationRange<8.2.0.1985

hphp_z8_g5_workstationRange<8.2.0.1985

hphp_zcentral_4r_workstationRange<8.0.8.1001

CPENameOperatorVersion
hp z4 g4 workstation (core-x)lt8.0.8.1001
hp z4 g4 workstation (xeon w)lt8.0.8.1001
hp z4 g5 workstationlt8.2.0.1985
hp z6 g4 workstationlt8.0.8.1001
hp z6 g5 workstationlt8.2.0.1985
hp z8 g4 workstationlt8.0.8.1001
hp z8 g5 fury workstationlt8.2.0.1985
hp z8 g5 workstationlt8.2.0.1985
hp zcentral 4r workstationlt8.0.8.1001

Name	Operator	Version
hp z4 g4 workstation (core-x)	lt	8.0.8.1001
hp z4 g4 workstation (xeon w)	lt	8.0.8.1001
hp z4 g5 workstation	lt	8.2.0.1985
hp z6 g4 workstation	lt	8.0.8.1001
hp z6 g5 workstation	lt	8.2.0.1985
hp z8 g4 workstation	lt	8.0.8.1001
hp z8 g5 fury workstation	lt	8.2.0.1985
hp z8 g5 workstation	lt	8.2.0.1985
hp zcentral 4r workstation	lt	8.0.8.1001

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for HPSBHF03862