CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

Information disclosure

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

UBUNTU-CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

CVE-2022-33972

CVE-2022-33972 concerns Intel microcode on some 3rd Gen Xeon Scalable processors. The root cause is an incorrect calculation in the microcode keying mechanism, which may allow a privileged local user to disclose information. Public records in connected docs confirm this CVE and cite Intel’s advis...

CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

SUSE CVE-2013-6885

The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service system hang via a crafted application, aka the errata 793 issue...

SUSE CVE-2015-2666

Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to th...

SUSE CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

2023.1 IPU - Intel® Xeon® Processor Advisory

Summary: A potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions SGX may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-33196 Description: Incorrec...

3rd Generation Intel® Xeon® Scalable Processors Advisory

Summary: A potential security vulnerability in some 3rd Generation Intel® Xeon® Scalable Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-33972 Description: Incorrect calculation in...

2023.1 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors with Intel® Software Guard Extensions SGX may allow information disclosure. Intel is releasing firmware updates to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-38090 Description: Improper isolati...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a denial of service threat due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2022-21626)

Summary IBM Virtualization Engine TS7700 is vulnerable to a denial of service threat CVE-2022-21626 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud...

PT-2023-1481 · Amd · Amd Bios

Name of the Vulnerable Software and Affected Versions: AMD BIOS software affected versions not specified Description: The issue is related to insufficient input validation and incorrect clearing or release of resources in the BIOS microcode of AMD security processors. This could potentially allow...

PT-2023-1485 · Amd · Amd Secure Encrypted Virtualization (Sev) Firmware

Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description: The issue is related to improper input validation and bounds checking in the SEV firmware, which may cause a buffer overflow in memory. This could...

PT-2023-1412 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the SYS KEY DERIVE system call, which can be exploited by an attacker to corrupt AMD Secure Processor ASP OS memory...

PT-2023-1484 · Amd · Amd Secure Encrypted Virtualization

Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to insufficient input validation in the implementation of AMD Secure Encrypted Virtualization SEV microcode in AMD processors. This coul...

PT-2023-1407 · Amd · Amd Bios

Name of the Vulnerable Software and Affected Versions: AMD BIOS software affected versions not specified Description: The issue is related to a buffer overflow in the memory of AMD processor security microcode, potentially allowing a remote attacker to disclose protected information. It involves...