RHEL 7 : microcode_ctl (RHSA-2025:10111)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10111 advisory. The microcodectl packages provide microcode updates for Intel and AMD processors. Security Fixes: microcodectl: From CVEorg collector...

Amazon Linux AMI : microcode_ctl (ALAS-2024-1950)

The version of microcodectl installed on the remote host is prior to 2.1-47.44. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1950 advisory. 2024-12-05: CVE-2024-21820 was added to this advisory. 2024-12-05: CVE-2024-23918 was added to this advisory...

Amazon Linux 2023 : microcode_ctl (ALAS2023-2024-716)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-716 advisory. 2024-09-26: CVE-2024-22374 was added to this advisory. Improper isolation in some IntelR Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of...

Information Disclosure

microcodectl is vulnerable to information disclosure. An authenticated user is able to obtain confidential information via local access due to cleanup errors...

Privilege Escalation

microcodectl is vulnerable to privilege escalation. The vulnerability exists through the Special Register Buffer Data Sampling SRBDS module...