kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)

A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features...

The vulnerability of the Software Guard eXtensions (SGX) processor implementation allows a hacker to disclose protected information.

The vulnerability of the Software Guard eXtensions SGX processor implementation is related to the checking of incorrect conditions. Exploiting this vulnerability can allow an attacker to disclose protected information...

SUSE CVE-2024-49856

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EP...

UBUNTU-CVE-2024-49856

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EP...

kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)

A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features...

kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode

A vulnerability was found in some Intel Xeon D Processors with Intel SGX. This issue may allow a local attacker to achieve sensitive information disclosure, impacting the data confidentiality of the targeted system...

The vulnerability of Intel Software Guard processor extensions, related to information disclosure, allows attackers to gain access to confidential data.

The vulnerability of Intel Software Guard processor extensions in Intel microcode relates to the disclosure of information. Exploiting this vulnerability allows a perpetrator to gain access to confidential data...

DEBIAN-CVE-2024-1543

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the...

UBUNTU-CVE-2024-1543

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the...

PT-2024-18127 · Wolfssl +1 · Wolfssl +1

Name of the Vulnerable Software and Affected Versions: wolfSSL versions up to 5.6.5 Description: The side-channel protected T-Table implementation in wolfSSL protects against a side-channel attacker with cache-line resolution. However, in a controlled environment such as Intel SGX, an attacker ca...

USN-6797-1 intel-microcode vulnerabilities

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only...

ALPINE-CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

DEBIAN-CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

SUSE CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

SUSE CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some IntelR XeonR D Processors with IntelR SGX may allow a privileged user to potentially enable information disclosure via local access...

PT-2024-2540 · Intel · Intel Xeon Processors

Name of the Vulnerable Software and Affected Versions: Intel Xeon Processors affected versions not specified Description: The issue is related to improper access control in the on-chip debug and test interface of some 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX. This ma...

The vulnerability of the secs.epc_page function in the sgx component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the secs.epcpage function in the sgx component of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

UBUNTU-CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

2024.1 IPU OOB - Intel® Xeon® D Processor Advisory

Summary: A potential security vulnerability in some Intel® Xeon® D Processors with Intel® Software Guard Extensions SGX may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-43490 Description:...

UBUNTU-CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some IntelR XeonR D Processors with IntelR SGX may allow a privileged user to potentially enable information disclosure via local access...