Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-5486-1
HistoryJun 20, 2022 - 12:00 a.m.

Intel Microcode vulnerabilities

2022-06-2000:00:00
ubuntu.com
63

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

JSON

Releases

  • Ubuntu 22.04 LTS
  • Ubuntu 21.10
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM

Packages

  • intel-microcode - Processor microcode for Intel CPUs

Details

It was discovered that some Intel processors did not implement sufficient
control flow management. A local attacker could use this to cause a denial
of service. (CVE-2021-0127)

Joseph Nuzman discovered that some Intel processors did not properly
initialise shared resources. A local attacker could use this to obtain
sensitive information. (CVE-2021-0145)

Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel
processors did not prevent test and debug logic from being activated at
runtime. A local attacker could use this to escalate
privileges. (CVE-2021-0146)

It was discovered that some Intel processors did not properly restrict
access in some situations. A local attacker could use this to obtain
sensitive information. (CVE-2021-33117)

Brandon Miller discovered that some Intel processors did not properly
restrict access in some situations. A local attacker could use this to
obtain sensitive information or a remote attacker could use this to cause a
denial of service. (CVE-2021-33120)

It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123,
CVE-2022-21127)

Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that
some Intel processors improperly optimised security-critical code. A local
attacker could possibly use this to expose sensitive
information. (CVE-2022-21151)

It was discovered that some Intel processors did not properly perform
cleanup during specific special register write operations. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchintel-microcode< 3.20220510.0ubuntu0.22.04.1UNKNOWN
Ubuntu21.10noarchintel-microcode< 3.20220510.0ubuntu0.21.10.1UNKNOWN
Ubuntu20.04noarchintel-microcode< 3.20220510.0ubuntu0.20.04.1UNKNOWN
Ubuntu18.04noarchintel-microcode< 3.20220510.0ubuntu0.18.04.1UNKNOWN

Related

openvas 23
nessus 48
osv 14
cloudfoundry 1
ubuntu 4
suse 2
mageia 3
amazon 4
rocky 4
almalinux 3
debian 1
hp 1
oraclelinux 11
intel 6
malwarebytes 1
mscve 2
gentoo 1
fedora 3
citrix 1
f5 4
ibm 1
vmware 1
xen 1
prion 6
cvelist 8
cve 8
redhatcve 7
redhat 6
ubuntucve 6
veracode 6
debiancve 6
alpinelinux 4
centos 1
broadcom 1
openvas
openvas
Ubuntu: Security Advisory (USN-5486-1)
2022-06-21 00:00:00
Ubuntu: Security Advisory (USN-5535-1)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0574-1)
2022-02-26 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Intel Microcode vulnerabilities (USN-5486-1)
2022-06-20 00:00:00
Ubuntu 16.04 ESM : Intel Microcode vulnerabilities (USN-5535-1)
2022-07-28 00:00:00
SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2022:0575-1)
2022-02-26 00:00:00
osv
osv
intel-microcode vulnerabilities
2022-06-20 04:21:50
Intel Microcode vulnerabilities
2022-07-28 05:31:23
intel-microcode - security update
2022-07-06 00:00:00
cloudfoundry
cloudfoundry
USN-5486-1: Intel Microcode vulnerabilities | Cloud Foundry
2022-06-30 00:00:00
ubuntu
ubuntu
Intel Microcode vulnerabilities
2022-07-28 00:00:00
Linux kernel vulnerabilities
2022-06-17 00:00:00
Linux kernel (OEM) vulnerabilities
2022-07-01 00:00:00
suse
suse
Security update for ucode-intel (important)
2022-02-25 00:00:00
Security update for ucode-intel (moderate)
2022-05-18 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerabilities
2022-02-15 23:50:31
Updated kernel packages fix security vulnerabilities
2022-06-29 19:18:17
Updated kernel-linus packages fix security vulnerabilities
2022-06-29 19:18:17
amazon
amazon
Medium: microcode_ctl
2022-06-30 23:38:00
Important: microcode_ctl
2022-03-07 23:34:00
Medium: microcode_ctl
2022-05-31 23:50:00
rocky
rocky
microcode_ctl bug fix and enhancement update
2022-04-26 13:49:11
kernel-rt security and bug fix update
2022-09-13 07:36:33
kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
almalinux
almalinux
microcode_ctl bug fix and enhancement update
2022-04-26 13:49:11
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
debian
debian
[SECURITY] [DSA 5178-1] intel-microcode security update
2022-07-06 13:13:16
hp
hp
Intel® Processors June 2022 Security Update
2022-06-14 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-06-15 00:00:00
Unbreakable Enterprise kernel-container security update
2022-06-14 00:00:00
microcode_ctl security update
2022-06-15 00:00:00
intel
intel
Intel® Processors MMIO Stale Data Advisory
2022-10-19 00:00:00
3rd Generation Intel® Xeon® Scalable Processors Advisory
2022-10-19 00:00:00
2021.2 IPU - Intel Atom® Processor Advisory
2022-02-08 00:00:00
malwarebytes
malwarebytes
Intel CPU vulnerabilities fixed. But should you update?
2023-03-06 07:00:00
mscve
mscve
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
2022-06-14 07:00:00
Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)
2022-06-14 07:00:00
gentoo
gentoo
intel-microcode: Multiple Vulnerabilities
2024-02-19 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: kernel-5.18.5-200.fc36
2022-06-17 01:16:22
[SECURITY] Fedora 35 Update: kernel-5.18.5-100.fc35
2022-06-18 01:45:12
[SECURITY] Fedora 36 Update: xen-4.16.1-4.fc36
2022-07-01 01:09:33
citrix
citrix
Citrix Hypervisor Security Update
2022-06-23 20:06:39
f5
f5
K04808933 : Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
2022-07-18 00:00:00
K29421535 : Intel processor vulnerability CVE-2021-33117
2022-06-07 00:00:00
K95204515 : Intel CPU vulnerability CVE-2022-21151
2022-06-07 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
vmware
vmware
VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
2022-06-14 00:00:00
xen
xen
x86: MMIO Stale Data vulnerabilities
2022-06-14 18:21:00
prion
prion
Improper access control
2022-05-12 17:15:00
Design/Logic Flaw
2022-02-09 23:15:00
Information disclosure
2022-05-12 17:15:00
cvelist
cvelist
CVE-2021-33117
2022-05-12 16:36:03
CVE-2021-33120
2022-02-09 22:04:42
CVE-2022-21151
2022-05-12 16:36:06
cve
cve
CVE-2021-33117
2022-05-12 17:15:00
CVE-2021-33120
2022-02-09 23:15:00
CVE-2022-21151
2022-05-12 17:15:00
redhatcve
redhatcve
CVE-2021-33117
2022-05-16 14:31:12
CVE-2021-33120
2022-02-08 19:09:38
CVE-2022-21151
2022-05-16 14:44:20
redhat
redhat
(RHSA-2022:6437) Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
(RHSA-2022:6460) Moderate: kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
(RHSA-2022:7279) Important: kernel security and bug fix update
2022-11-01 14:04:32
ubuntucve
ubuntucve
CVE-2021-33117
2022-05-12 00:00:00
CVE-2021-33120
2022-02-09 00:00:00
CVE-2022-21151
2022-05-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-02-26 01:20:43
Information Disclosure
2022-05-14 02:48:57
Information Disclosure
2022-05-13 08:59:12
debiancve
debiancve
CVE-2021-33117
2022-05-12 17:15:00
CVE-2021-33120
2022-02-09 23:15:00
CVE-2022-21151
2022-05-12 17:15:00
alpinelinux
alpinelinux
CVE-2022-21151
2022-05-12 17:15:00
CVE-2022-21127
2022-06-15 20:15:00
CVE-2021-0127
2022-02-09 23:15:00
centos
centos
bpftool, kernel, perf, python security update
2022-08-15 17:35:43
broadcom
broadcom
Hardware allows activation of test or debug logic
2023-08-01 00:00:00

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

JSON
Related for USN-5486-1
openvas23nessus48osv14cloudfoundry1ubuntu4suse2mageia3amazon4rocky4almalinux3debian1hp1oraclelinux11intel6malwarebytes1mscve2gentoo1fedora3citrix1f54ibm1vmware1xen1prion6cvelist8cve8redhatcve7redhat6ubuntucve6veracode6debiancve6alpinelinux4centos1broadcom1