DEBIAN-CVE-2019-14607

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2019-14607
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-14607.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2019-14607
Upstream
Downstream
Published
2019-12-16T20:15:15.163Z
Modified
2025-11-20T10:14:07.226395Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

Improper conditions check in multiple IntelĀ® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.

References

Affected packages

Debian:11 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20191115.1

Affected versions

0.*
0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1
1.*
1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1
2.*
2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1
3.*
3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-14607.json"

Debian:12 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20191115.1

Affected versions

0.*
0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1
1.*
1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1
2.*
2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1
3.*
3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-14607.json"

Debian:13 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20191115.1

Affected versions

0.*
0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1
1.*
1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1
2.*
2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1
3.*
3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-14607.json"

Debian:14 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20191115.1

Affected versions

0.*
0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1
1.*
1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1
2.*
2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1
3.*
3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-14607.json"