Lucene search
K

226 matches found

Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.7 views

PT-2025-32757

Name of the Vulnerable Software and Affected Versions: IntelR XeonR 6 Processors affected versions not specified Description: An improperly implemented security check for standard in the DDRIO configuration may allow a privileged user to potentially enable escalation of privilege via local access...

8.8CVSS6.8AI score0.00371EPSS
Exploits0References122
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.5 views

PT-2025-32744

Name of the Vulnerable Software and Affected Versions: IntelR XeonR 6 processors affected versions not specified Description: An out-of-bounds write issue exists in the memory subsystem of certain IntelR XeonR 6 processors when utilizing IntelR SGX or IntelR TDX. A privileged user may be able to...

8.8CVSS6.7AI score0.00371EPSS
Exploits0References123
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.4 views

PT-2025-32697

Name of the Vulnerable Software and Affected Versions: IntelR XeonR Processor firmware with SGX enabled affected versions not specified Description: Improper buffer restrictions in some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially escalate privileges...

8.8CVSS6.7AI score0.00371EPSS
Exploits0References126
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-49785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add overflow check in sgxvalidateoffsetlength sgxvalidateoffsetlength function...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/07/10 12:0 a.m.1 views

Supporting Intel(R) SGX on Multi-Package Platforms

Intelr Software Guard Extensions SGX was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this capability in the cloud has been tested. Various Cloud Servi...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an attempt to recycle a poisoned page in x86/sgx, which could result in a machine check...

5.5CVSS6.9AI score0.00145EPSS
Exploits0References7
Redos
Redos
added 2025/06/24 12:0 a.m.6 views

ROS-20250624-03

A vulnerability in the UEFI firmware of Intel processors is related to insufficient granularity of the access controls. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Software Guard eXtensions SGX implementation of Intel processors is...

6.8CVSS7.1AI score0.00211EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

Improper access control in the EDECCSSA user leaf function for certain IntelR processors with IntelR SGX may allow an authenticated user to potentially enable denial of service through local access...

6.8CVSS6.5AI score0.00233EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Intel Microcode

Incorrect default permissions in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privileges through local access...

8.5CVSS6.3AI score0.00209EPSS
Exploits0References3
OSV
OSV
added 2025/06/06 2:3 p.m.5 views

OESA-2025-1589 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Improper conditions check in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...

8.8CVSS7AI score0.00256EPSS
Exploits0References2
OSV
OSV
added 2025/06/06 2:3 p.m.5 views

OESA-2025-1588 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Improper conditions check in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...

8.8CVSS7AI score0.00256EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/25 12:0 a.m.11 views

The vulnerabilities of Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) in microsoftware for Intel Xeon 6 processor with E-cores allow attackers to enhance their privileges.

The vulnerability of Software Guard eXtensions SGX and Trust Domain Extensions TDX in microsoftware for Intel Xeon 6 processor with E-cores is related to improper restrictions on software interfaces by hardware functions. Exploiting this vulnerability can allow attackers to enhance their privileg...

6.1CVSS6.3AI score0.0012EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/05/16 2:55 a.m.3 views

SUSE CVE-2024-48869

Improper restriction of software interfaces to hardware features for some IntelR XeonR 6 processor with E-cores when using IntelR Trust Domain Extensions IntelR TDX or IntelR Software Guard Extensions IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...

6.1CVSS7.1AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2025/05/13 9:16 p.m.7 views

CVE-2024-48869

Improper restriction of software interfaces to hardware features for some IntelR XeonR 6 processor with E-cores when using IntelR Trust Domain Extensions IntelR TDX or IntelR Software Guard Extensions IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...

6.1CVSS0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:3 p.m.10 views

CVE-2024-48869

Improper restriction of software interfaces to hardware features for some IntelR XeonR 6 processor with E-cores when using IntelR Trust Domain Extensions IntelR TDX or IntelR Software Guard Extensions IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...

6.1CVSS0.0012EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 9:3 p.m.43 views

CVE-2024-48869

CVE-2024-48869 affects Intel Xeon 6 processors with E-cores when using SGX/TDX. Root cause: improper restriction of software interfaces to hardware features, enabling a privileged local user to escalate privileges. Affected components include SGX/TDX-enabled microcode interfaces; impact is local ...

6.1CVSS7.3AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 3:16 p.m.1 views

DEBIAN-CVE-2022-49785

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add overflow check in sgxvalidateoffsetlength sgxvalidateoffsetlength function verifies "offset" and "length" arguments provided by userspace, but was missing an overflow check on their addition. Add it...

5.5CVSS5.4AI score0.00164EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/03/24 12:15 p.m.4 views

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

6.8CVSS7.3AI score0.00233EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the EDECCSSA function in the Software Guard eXtensions (SGX) technology of Intel microprocessor software allows a hacker to induce a service failure.

The vulnerability of the EDECCSSA function in the Software Guard eXtensions SGX microprogramming software for Intel processors is related to deficiencies in access control. Exploiting this vulnerability could allow a perpetrator to cause service failures...

6.5CVSS6.4AI score0.00233EPSS
Exploits0References8Affected Software3
OSV
OSV
added 2025/02/24 2:29 a.m.4 views

USN-7269-2 intel-microcode vulnerabilities

USN-7269-1 fixed vulnerabilities in Intel Microcode. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel® Processors did not properly implement Finite State Machines FSMs in Hardware Logi...

6.8CVSS6.2AI score0.00233EPSS
Exploits0References4
Rows per page
Query Builder