Medium: microcode_ctl

Issue Overview: Non-transparent sharing of return predictor targets between contexts in some Intel® Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2023-38575 Protection mechanism failure of bus lock regulator for some Intel® Processors m...

CentOS 9 : microcode_ctl-20220809-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the microcodectl-20220809-1.el9 build changelog. - Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of...

CentOS 9 : microcode_ctl-20230214-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the microcodectl-20230214-1.el9 build changelog. - Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may...

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

microcode_ctl bug fix and enhancement update

An update is available for microcodectl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel processors...

Fedora: Security Advisory for microcode_ctl (FEDORA-2023-40e71fe5b9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : microcode_ctl (2023-40e71fe5b9)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-40e71fe5b9 advisory. - Update to upstream 2.1-42. 20231114 - Update of 06-6a-06/0x87 ICX-SP D0 microcode from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 ICL-D ...

Fedora: Security Advisory for microcode_ctl (FEDORA-2023-3dfc0123b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-e4cb865604)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : microcode_ctl (ELSA-2023-12991)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12991 advisory. 4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Fedora 38 : microcode_ctl (2023-3dfc0123b0)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-3dfc0123b0 advisory. - Update to upstream 2.1-42. 20231114 - Update of 06-6a-06/0x87 ICX-SP D0 microcode from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 ICL-D ...

microcode_ctl security update

4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583...

Fedora 39 : microcode_ctl (2023-e4cb865604)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e4cb865604 advisory. - Update to upstream 2.1-42. 20231114 - Update of 06-6a-06/0x87 ICX-SP D0 microcode from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 ICL-D ...

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

Amazon Linux 2023 : microcode_ctl (ALAS2023-2023-436)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-436 advisory. 2024-03-27: CVE-2023-23908 was added to this advisory. An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable Icelake processors. The issue...

Amazon Linux 2 : microcode_ctl (ALAS-2023-2341)

The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2341 advisory. An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable Icelake processors...

Important: Red Hat Enhancement Advisory: microcode_ctl bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8. For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section...

Oracle Linux 7 : microcode_ctl (ELSA-2023-12989)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12989 advisory. 2:2.1-73.19.0.3 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

Oracle Linux 8 : microcode_ctl (ELSA-2023-12988)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12988 advisory. 4:20230808-2.0.2 - update 06-6a-06 to 0xd0003b9 CVE-2023-23583 Tenable has extracted the preceding description block directly from the Oracle Linux security...