Fedora 40 : microcode_ctl (2025-dd577cf35f)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-dd577cf35f advisory. - Update to upstream 2.1-48. 20250211 - Addition of 06-bf-06/0x07 microcode in intel-ucode/06-97-02 at revision 0x38; - Addition of 06-bf-07/0x07...

Fedora 41 : microcode_ctl (2024-28ea86c8aa)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-28ea86c8aa advisory. - Update to upstream 2.1-47. 20241112 - Update of 06-8f-04/0x87 SPR-SP E0/S1 microcode in intel-ucode/06-8f-05 from revision 0x2b0005c0 up to...

Error Injection

Intel-ucode is vulnerable to Unauthorized Error Injection. The vulnerability enables a privileged user to potentially escalate the privileges via local access...

Information Disclosure

intel-ucode is vulnerable to Information Disclosure. Improper isolation of shared resources may allow a privileged user to potentially enable information disclosure via local access...

Privilege Escalation

intel-ucode is vulnerable to Privilege Escalation. Incorrect default permissions in some memory controller configurations may allow a privileged user to potentially enable escalation of privilege via local access...

Privilege Escalation

intel-ucode is vulnerable to Privilege Escalation. Insufficient granularity of access control in out-of-band management may allow a privileged user to potentially enable escalation of privilege via adjacent network access...

Information Disclosure

intel-ucode is vulnerable to information disclosure. The vulnerability exists because of the improper isolation of shared resources in some IntelR processors, allowing the privileged user to gain sensitive information via local access...

Information Disclosure

intel-ucode is vulnerable to information disclosure. Processor optimization removal or modification of security-critical code may allow an authenticated user to potentially enable information disclosure via local access...

Privilege Escalation

intel-ucode is vulnerable to privilege escalation. The vulnerability exists due to a lack of sanitiztion during activation of test or debug logic at runtime for some IntelR processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

[ASA-202106-34] intel-ucode: multiple issues

Arch Linux Security Advisory ASA-202106-34 ========================================== Severity: High Date : 2021-06-15 CVE-ID : CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2021-24489 Package : intel-ucode Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-2051 Summa...

[ASA-202102-34] intel-ucode: information disclosure

Arch Linux Security Advisory ASA-202102-34 ========================================== Severity: Medium Date : 2021-02-27 CVE-ID : CVE-2020-8696 CVE-2020-8698 Package : intel-ucode Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1588 Summary ======= The package...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

[ASA-202006-10] intel-ucode: information disclosure

Arch Linux Security Advisory ASA-202006-10 ========================================== Severity: High Date : 2020-06-13 CVE-ID : CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 Package : intel-ucode Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1187 Summary =======...

[ASA-201911-14] intel-ucode: multiple issues

Arch Linux Security Advisory ASA-201911-14 ========================================== Severity: High Date : 2019-11-13 CVE-ID : CVE-2019-0117 CVE-2019-11135 CVE-2019-11139 Package : intel-ucode Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1068 Summary ======= The...

[ASA-201801-10] intel-ucode: access restriction bypass

Arch Linux Security Advisory ASA-201801-10 ========================================== Severity: High Date : 2018-01-10 CVE-ID : CVE-2017-5715 Package : intel-ucode Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-582 Summary ======= The package intel-ucode...