Lucene search

[email protected]NVD:CVE-2024-21823

HistoryMay 16, 2024 - 9:16 p.m.

CVE-2024-21823

2024-05-1621:16:03

CWE-1264

[email protected]

web.nvd.nist.gov

hardware logic

de-synchronization

intel

4th generation

5th generation

xeon processors

denial of service

local access

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

Hardware logic with insecure de-synchronization in Intel® DSA and Intel® IAA for some Intel® 4th or 5th generation Xeon® processors may allow an authorized user to potentially enable denial of service via local access.

References

www.openwall.com/lists/oss-security/2024/05/15/1

lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/

lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

Related for NVD:CVE-2024-21823

cve1 ubuntucve1 debiancve1 cvelist1 redhatcve1 nessus10 openvas9 fedora2 ubuntu4 osv7