9 matches found
CVE-2020-24489
CVE-2020-24489 concerns incomplete cleanup in some Intel VT-d products enabling potential local-privilege escalation for an authenticated user. Connected advisories confirm mitigation via Intel CPU microcode updates delivered through distribution security advisories (e.g., intel-microcode/microco...
CVE-2020-0551
CVE-2020-0551 describes a load-value injection vulnerability on some Intel processors due to speculative execution, potentially allowing an authenticated local attacker to disclose information via a side channel. The vulnerability’s affected products are listed in Intel security advisory intel-sa...
CVE-2021-0157
CVE-2021-0157 is described in Intel’s BIOS Reference Code Advisory (INTEL-SA-00562). It denotes insufficient control flow management in BIOS firmware for certain Intel processors that could enable privilege escalation via local access. The advisory lists mitigations through firmware updates provi...
CVE-2017-5703
CVE-2017-5703 concerns Intel SPI Flash controller configuration that can let a local attacker alter SPI flash behavior, potentially causing DoS. Connected advisories confirm impact on Intel-based platforms and related vendor responses. IBM’s bulletin lists affected IBM/UEFI firmware and concrete ...
CVE-2021-0158
CVE-2021-0158 involves improper input validation in the BIOS firmware for some Intel processors, enabling local privilege escalation by a user with privileged/local access. The connected intel advisory (INTEL-SA-00562) confirms this family, describing two CVEs in BIOS reference code and noting th...
CVE-2017-5927
CVE-2017-5927 affects ARM processors where page table walks by the MMU during virtual-to-physical address translation leave traces in the last-level cache. A side-channel attack via JavaScript can infer memory and code pointers, breaking ASLR. The linked SUSE entry and related coverage confirm th...
CVE-2020-0559
Intel PROSet/Wireless WiFi software for Windows 7/8.1 contains insecure inherited permissions that may allow an authenticated, local attacker to escalate privileges. The issue affects multiple Intel wireless adapters (e.g., AX200/AX201, Wireless-AC 9560/9462/9461/9260, 8265/8260/3168/7265, 3165, ...
CVE-2017-5926
CVE-2017-5926 describes a side-channel vulnerability affecting AMD processors where page table walks by the MMU leave traces in the last-level cache. A JavaScript-based attack can leak data and code pointers, effectively breaking ASLR. The connected documents confirm the issue is tied to AMD MMU/...
CVE-2017-5925
CVE-2017-5925 describes an Intel MMU page-table walk side-channel vulnerability where, during virtual-to-physical address translation, the MMU leaves traces in the last-level cache, enabling a JavaScript-based attack to leak data and code pointers and break ASLR. Connected sources note that the A...