kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations

A flaw was found in the Linux kernel. Some IntelR XeonR processors with Intel® Software Guard Extensions SGX may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access...

Medium: microcode_ctl

Issue Overview: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. CVE-2022-21216 Incorrect default permissions in some...

Amazon Linux AMI : microcode_ctl (ALAS-2023-1715)

The version of microcodectl installed on the remote host is prior to 2.1-47.41. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1715 advisory. 2024-02-14: CVE-2022-38090 was added to this advisory. 2024-02-01: CVE-2022-21216 was added to this advisory...

Debian dla-3379 : intel-microcode - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3379 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3379-1 [email protected]...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2023:0568-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0568-1 advisory. - Insufficient granularity of access control in out-of-band management in some IntelR Atom and...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Intel Microcode vulnerabilities (USN-5886-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5886-1 advisory. Erik C. Bjorge discovered that some IntelR Atom and Intel Xeon Scalable Processors did not properly implement access...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2023:0456-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0456-1 advisory. - Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may...

Privilege Escalation

intel-ucode is vulnerable to Privilege Escalation. Incorrect default permissions in some memory controller configurations may allow a privileged user to potentially enable escalation of privilege via local access...

DEBIAN-CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

ALPINE-CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

UBUNTU-CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33196

CVE-2022-33196 is an Intel microcode issue described as: Incorrect default permissions in memory controller configurations on some Intel Xeon processors when using Intel SGX, potentially enabling privilege escalation via local access. Connected sources confirm affected components and mitigations ...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

SUSE CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...

Intel Software Guard Extensions 安全漏洞

Intel Software Guard Extensions SGX is a set of security-related instructions from the U.S. company Intel that are built into some Intel central processors. It provides hardware-based memory encryption to isolate application-specific code and data in memory. A security vulnerability exists in...

SUSE CVE-2014-8171

The memory resource controller aka memcg in the Linux kernel allows local users to cause a denial of service deadlock by spawning new processes within a memory-constrained cgroup...