23 matches found
CVE-2019-14615
The CVE-2019-14615 issue concerns the Linux kernel i915 Intel graphics driver: insufficiently cleared data structures on context switches could leak information to a local attacker. Public notes indicate that the Ubuntu 18.04 kernel fix for CVE-2019-14615 was incomplete in certain kernel versions...
CVE-2022-40982
CVE-2022-40982 is an information-leak via microarchitectural state after transient execution in certain Intel vector execution units. The connected docs consistently describe local information disclosure by an authenticated user on affected Intel processors, with mitigations centered on firmware/...
CVE-2022-21151
CVE-2022-21151 involves Intel processors where optimization/removal of security-critical code in the processor microcode can allow an authenticated local attacker to cause information disclosure. Affected vectors are local access with low attack complexity and no user interaction. Public docs con...
CVE-2022-0004
CVE-2022-0004 concerns Intel® Boot Guard and Intel® TXT. The issue arises from hardware debug modes and a processor INIT setting that allow an unauthenticated user to potentially bypass protections and escalate privileges via physical access. Intel lists affected generations (10th–12th Gen Core, ...
CVE-2022-0005
CVE-2022-0005 concerns a potential information disclosure via the JTAG interface on Intel SGX-enabled CPUs. The provided documents confirm a physical-access vulnerability affecting SGX-enabled processors, with related Nessus/ALAS advisories listing CVE-2022-0005 alongside CVEs 2022-21131, 2022-21...
CVE-2021-0116
CVE-2021-0116 is an Intel firmware vulnerability described as an out-of-bounds write in the affected Intel processors’ firmware that could allow a local, privileged escalation. Connected documents confirm the CVE details and provide context across multiple vendor advisories (IBM QRadar, F5 adviso...
CVE-2021-0119
CVE-2021-0119 stems from improper initialization in Intel processor firmware that can allow a local attacker with physical access to escalate privileges. Connected advisories confirm affected platforms (e.g., IBM QRadar appliances M5/M6, certain Oracle/Red Hat/HP/F5-guided deployments) and descri...
CVE-2021-0156
CVE-2021-0156 involves Intel processor firmware and is caused by improper input validation, enabling a local authenticated user to potentially escalate privileges. Public sources in the provided documents indicate vulnerable firmware on specific platforms (e.g., VELOS CX410 and VELOS BX110 blades...
CVE-2019-14607
CVE-2019-14607 corresponds to Intel processor vulnerability described as improper conditions check that may allow authenticated local attackers to partially escalate privileges, cause denial of service, or disclose information. Public sources (Intel INTEL-SA-00317) itemize affected families acros...
CVE-2021-0124
CVE-2021-0124 describes improper access control in Intel processor firmware that could let a privileged user escalate privileges with physical/local access. The vulnerability is documented across multiple sources (NVD entry; IBM QRadar advisories; F5 advisory) and is associated with privilege esc...
CVE-2019-11157
CVE-2019-11157 involves an improper conditions check in voltage settings on some Intel processors that may allow a privileged user to escalate privileges and/or disclose information via local access. The vulnerability affects a wide range of Intel CPUs (e.g., 6th–10th Gen Core, Xeon E3 v5/v6, and...
CVE-2022-38087
CVE-2022-38087 is described in Intel’s advisory as a BIOS firmware issue for some Intel processors that may allow a privileged local user to cause information disclosure. The Intel SA-00807 entry explicitly documents CVE-2022-38087 with a CVSS v3.1 base score of 4.1 (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I...
CVE-2021-0117
CVE-2021-0117 describes pointer issues in Intel processor firmware that may allow a local attacker to escalate privileges. The vulnerability is rooted in firmware handling, with impacts described as local privilege escalation and, per some sources, possible denial of service or information disclo...
CVE-2021-33124
CVE-2021-33124 refers to an out-of-bounds write in the BIOS authenticated code module for some Intel processors that may allow a privileged local user to escalate privileges. Public advisories (Intel SA-00601) describe this class of BIOS/firmware flaws and recommend applying the latest Intel BIOS...
CVE-2021-0118
CVE-2021-0118 involves an out-of-bounds read in Intel processor firmware that could enable local privilege escalation. Public documents confirm affected surface as Intel processor firmware with local access as the attack vector. IBM and F5 advisories reference this CVE among a family of firmware ...
CVE-2022-26047
CVE-2022-26047 affects Intel® PROSet/Wireless WiFi firmware prior to 22.140, Killer™ WiFi firmware prior to 3.1122.3158, and the associated UEFI 2.2.14.22176.2. The root cause is improper input validation in certain Intel PROSet/Wireless WiFi, Intel vPro® CSME WiFi, and Killer™ WiFi components, w...
CVE-2021-0125
CVE-2021-0125 is a confirmed Intel processor firmware vulnerability caused by improper initialization that can enable privilege escalation with physical/local access. Connected sources name affected platforms and vendor advisories; e.g., IBM QRadar M6/M5 firmware lines and IBM Cloud Pak System up...
CVE-2021-33123
CVE-2021-33123 : Improper access control in the BIOS authenticated code module for certain Intel processors may allow a locally authenticated user to escalate privileges. The issue is discussed in the Intel IPU BIOS advisory (INTEL-SA-00601) with CVSS v3.1 base scores reported as high (up to 8.2)...
CVE-2022-43505
The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...
CVE-2022-33894
CVE-2022-33894 concerns improper input validation in BIOS firmware for certain Intel processors, enabling privilege escalation with local access. Multiple sources (Intel advisory INTEL-SA-00807 and related Red Hat/NVD/NVD references) describe the issue as a BIOS/firmware vulnerability affecting v...
CVE-2023-22329
CVE-2023-22329 is an Intel BIOS firmware vulnerability in some Intel\u00a0Processors caused by improper input validation, potentially allowing an authenticated user to trigger a denial of service via adjacent access. Intel’s advisory INTEL-SA-00924 recommends updating to the latest BIOS provided ...
CVE-2023-25756
The CVE-2023-25756 issue affects Intel BIOS firmware across multiple processors, caused by an out-of-bounds read that may allow an authenticated user to escalate privileges via adjacent access. Documents from Intel (INTEL-SA-00924) confirm the vulnerability in BIOS software and propose updates to...
CVE-2022-44611
CVE-2022-44611 is an Intel BIOS firmware vulnerability caused by improper input validation that can allow a privileged user to escalate privileges via adjacent access. Intel’s advisory INTEL-SA-00813 lists affected Intel processors (multiple families, including Xeon, Core, Pentium, Celeron, Atom)...