DEBIAN-CVE-2020-24489

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2020-24489

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-24489.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2020-24489

Upstream

CVE-2020-24489

Published

2021-06-09T20:15:08.140Z

Modified

2025-11-20T10:15:35.529539Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.

References

https://security-tracker.debian.org/tracker/CVE-2020-24489

Affected packages

Debian:11 / intel-microcode

Package

Name: intel-microcode
Purl: pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.20210608.1

Affected versions

0.*

0.20080131-1

0.20080220-1

0.20080401-1

0.20080910-1

0.20080910-2

0.20090330-1

0.20090927-1

0.20100826-1

0.20100914-1

0.20101123-1

0.20110428-1

0.20110915-1

0.20111110-1

0.20120606-1

1.*

1.20120606.1

1.20120606.2

1.20120606.3

1.20120606.4

1.20120606.5

1.20120606.6~bpo60+1

1.20120606.6

1.20120606.v2.1

1.20120606.v2.2~bpo60+1

1.20120606.v2.2

1.20130222.1~bpo60+1

1.20130222.1

1.20130222.3

1.20130222.4

1.20130222.5

1.20130222.6

1.20130808.1

1.20130808.2

1.20130906.1

1.20140122.1~bpo60+1

1.20140122.1

1.20140430.1~bpo60+1

1.20140430.1

1.20140624.1~bpo60+1

1.20140624.1

1.20140913.1~bpo60+1

1.20140913.1

1.20150121.1

2.*

2.20130808.1~bpo70+1

2.20130808.1

2.20130906.1~bpo70+1

2.20130906.1

2.20140122.1~bpo70+1

2.20140122.1

2.20140430.1~bpo70+1

2.20140430.1

2.20140624.1~bpo70+1

2.20140624.1

3.*

3.20140913.1~bpo70+1

3.20140913.1~bpo70+2

3.20140913.1

3.20150107.1~bpo70+1

3.20150107.1

3.20150121.1~bpo70+1

3.20150121.1

3.20151106.1~bpo7+1

3.20151106.1~bpo8+1

3.20151106.1~deb8u1

3.20151106.1

3.20151106.2

3.20160607.1

3.20160607.2~bpo8+1

3.20160607.2

3.20160714.1~bpo8+1

3.20160714.1~deb8u1~bpo7+1

3.20160714.1~deb8u1

3.20160714.1

3.20161104.1~bpo8+1

3.20161104.1~deb8u1~bpo7+1

3.20161104.1~deb8u1

3.20161104.1

3.20170511.1~bpo8+1

3.20170511.1

3.20170707.1~bpo8+1

3.20170707.1~bpo9+1

3.20170707.1~deb8u1

3.20170707.1~deb9u1

3.20170707.1

3.20171117.1~bpo8+1

3.20171117.1~bpo9+1

3.20171117.1

3.20171215.1

3.20180108.1

3.20180108.1+really20171117.1

3.20180312.1~bpo8+1

3.20180312.1~bpo9+1

3.20180312.1

3.20180425.1~bpo8+1

3.20180425.1~bpo9+1

3.20180425.1~deb8u1

3.20180425.1~deb9u1

3.20180425.1

3.20180703.1

3.20180703.2~bpo8+1

3.20180703.2~bpo9+1

3.20180703.2~deb8u1

3.20180703.2~deb9u1

3.20180703.2

3.20180807a.1~bpo8+1

3.20180807a.1~bpo9+1

3.20180807a.1~deb8u1

3.20180807a.1~deb9u1

3.20180807a.1

3.20180807a.2~bpo8+1

3.20180807a.2~bpo9+1

3.20180807a.2~deb9u1

3.20180807a.2

3.20190312.1~bpo9+1

3.20190312.1

3.20190514.1~deb8u1

3.20190514.1~deb9u1

3.20190514.1

3.20190618.1~deb8u1

3.20190618.1~deb9u1

3.20190618.1

3.20190918.1

3.20191112.1~deb9u1

3.20191112.1~deb10u1

3.20191112.1

3.20191113.1

3.20191115.1~deb9u1

3.20191115.1~deb10u1

3.20191115.1

3.20191115.2~deb8u1

3.20191115.2~deb9u1

3.20191115.2~deb10u1

3.20191115.2

3.20200508.1

3.20200520.1

3.20200609.1~deb9u1

3.20200609.1~deb10u1

3.20200609.1

3.20200609.2~deb8u1

3.20200609.2~deb9u1

3.20200609.2~deb10u1

3.20200609.2

3.20200616.1~deb9u1

3.20200616.1~deb10u1

3.20200616.1

3.20201110.1

3.20201118.1~bpo10+1

3.20201118.1~deb9u1

3.20201118.1~deb10u1

3.20201118.1

3.20210216.1~deb10u1

3.20210216.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-24489.json"

Debian:12 / intel-microcode

Package

Name: intel-microcode
Purl: pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.20210608.1

Affected versions

0.*

0.20080131-1

0.20080220-1

0.20080401-1

0.20080910-1

0.20080910-2

0.20090330-1

0.20090927-1

0.20100826-1

0.20100914-1

0.20101123-1

0.20110428-1

0.20110915-1

0.20111110-1

0.20120606-1

1.*

1.20120606.1

1.20120606.2

1.20120606.3

1.20120606.4

1.20120606.5

1.20120606.6~bpo60+1

1.20120606.6

1.20120606.v2.1

1.20120606.v2.2~bpo60+1

1.20120606.v2.2

1.20130222.1~bpo60+1

1.20130222.1

1.20130222.3

1.20130222.4

1.20130222.5

1.20130222.6

1.20130808.1

1.20130808.2

1.20130906.1

1.20140122.1~bpo60+1

1.20140122.1

1.20140430.1~bpo60+1

1.20140430.1

1.20140624.1~bpo60+1

1.20140624.1

1.20140913.1~bpo60+1

1.20140913.1

1.20150121.1

2.*

2.20130808.1~bpo70+1

2.20130808.1

2.20130906.1~bpo70+1

2.20130906.1

2.20140122.1~bpo70+1

2.20140122.1

2.20140430.1~bpo70+1

2.20140430.1

2.20140624.1~bpo70+1

2.20140624.1

3.*

3.20140913.1~bpo70+1

3.20140913.1~bpo70+2

3.20140913.1

3.20150107.1~bpo70+1

3.20150107.1

3.20150121.1~bpo70+1

3.20150121.1

3.20151106.1~bpo7+1

3.20151106.1~bpo8+1

3.20151106.1~deb8u1

3.20151106.1

3.20151106.2

3.20160607.1

3.20160607.2~bpo8+1

3.20160607.2

3.20160714.1~bpo8+1

3.20160714.1~deb8u1~bpo7+1

3.20160714.1~deb8u1

3.20160714.1

3.20161104.1~bpo8+1

3.20161104.1~deb8u1~bpo7+1

3.20161104.1~deb8u1

3.20161104.1

3.20170511.1~bpo8+1

3.20170511.1

3.20170707.1~bpo8+1

3.20170707.1~bpo9+1

3.20170707.1~deb8u1

3.20170707.1~deb9u1

3.20170707.1

3.20171117.1~bpo8+1

3.20171117.1~bpo9+1

3.20171117.1

3.20171215.1

3.20180108.1

3.20180108.1+really20171117.1

3.20180312.1~bpo8+1

3.20180312.1~bpo9+1

3.20180312.1

3.20180425.1~bpo8+1

3.20180425.1~bpo9+1

3.20180425.1~deb8u1

3.20180425.1~deb9u1

3.20180425.1

3.20180703.1

3.20180703.2~bpo8+1

3.20180703.2~bpo9+1

3.20180703.2~deb8u1

3.20180703.2~deb9u1

3.20180703.2

3.20180807a.1~bpo8+1

3.20180807a.1~bpo9+1

3.20180807a.1~deb8u1

3.20180807a.1~deb9u1

3.20180807a.1

3.20180807a.2~bpo8+1

3.20180807a.2~bpo9+1

3.20180807a.2~deb9u1

3.20180807a.2

3.20190312.1~bpo9+1

3.20190312.1

3.20190514.1~deb8u1

3.20190514.1~deb9u1

3.20190514.1

3.20190618.1~deb8u1

3.20190618.1~deb9u1

3.20190618.1

3.20190918.1

3.20191112.1~deb9u1

3.20191112.1~deb10u1

3.20191112.1

3.20191113.1

3.20191115.1~deb9u1

3.20191115.1~deb10u1

3.20191115.1

3.20191115.2~deb8u1

3.20191115.2~deb9u1

3.20191115.2~deb10u1

3.20191115.2

3.20200508.1

3.20200520.1

3.20200609.1~deb9u1

3.20200609.1~deb10u1

3.20200609.1

3.20200609.2~deb8u1

3.20200609.2~deb9u1

3.20200609.2~deb10u1

3.20200609.2

3.20200616.1~deb9u1

3.20200616.1~deb10u1

3.20200616.1

3.20201110.1

3.20201118.1~bpo10+1

3.20201118.1~deb9u1

3.20201118.1~deb10u1

3.20201118.1

3.20210216.1~deb10u1

3.20210216.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-24489.json"

Debian:13 / intel-microcode

Package

Name: intel-microcode
Purl: pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.20210608.1

Affected versions

0.*

0.20080131-1

0.20080220-1

0.20080401-1

0.20080910-1

0.20080910-2

0.20090330-1

0.20090927-1

0.20100826-1

0.20100914-1

0.20101123-1

0.20110428-1

0.20110915-1

0.20111110-1

0.20120606-1

1.*

1.20120606.1

1.20120606.2

1.20120606.3

1.20120606.4

1.20120606.5

1.20120606.6~bpo60+1

1.20120606.6

1.20120606.v2.1

1.20120606.v2.2~bpo60+1

1.20120606.v2.2

1.20130222.1~bpo60+1

1.20130222.1

1.20130222.3

1.20130222.4

1.20130222.5

1.20130222.6

1.20130808.1

1.20130808.2

1.20130906.1

1.20140122.1~bpo60+1

1.20140122.1

1.20140430.1~bpo60+1

1.20140430.1

1.20140624.1~bpo60+1

1.20140624.1

1.20140913.1~bpo60+1

1.20140913.1

1.20150121.1

2.*

2.20130808.1~bpo70+1

2.20130808.1

2.20130906.1~bpo70+1

2.20130906.1

2.20140122.1~bpo70+1

2.20140122.1

2.20140430.1~bpo70+1

2.20140430.1

2.20140624.1~bpo70+1

2.20140624.1

3.*

3.20140913.1~bpo70+1

3.20140913.1~bpo70+2

3.20140913.1

3.20150107.1~bpo70+1

3.20150107.1

3.20150121.1~bpo70+1

3.20150121.1

3.20151106.1~bpo7+1

3.20151106.1~bpo8+1

3.20151106.1~deb8u1

3.20151106.1

3.20151106.2

3.20160607.1

3.20160607.2~bpo8+1

3.20160607.2

3.20160714.1~bpo8+1

3.20160714.1~deb8u1~bpo7+1

3.20160714.1~deb8u1

3.20160714.1

3.20161104.1~bpo8+1

3.20161104.1~deb8u1~bpo7+1

3.20161104.1~deb8u1

3.20161104.1

3.20170511.1~bpo8+1

3.20170511.1

3.20170707.1~bpo8+1

3.20170707.1~bpo9+1

3.20170707.1~deb8u1

3.20170707.1~deb9u1

3.20170707.1

3.20171117.1~bpo8+1

3.20171117.1~bpo9+1

3.20171117.1

3.20171215.1

3.20180108.1

3.20180108.1+really20171117.1

3.20180312.1~bpo8+1

3.20180312.1~bpo9+1

3.20180312.1

3.20180425.1~bpo8+1

3.20180425.1~bpo9+1

3.20180425.1~deb8u1

3.20180425.1~deb9u1

3.20180425.1

3.20180703.1

3.20180703.2~bpo8+1

3.20180703.2~bpo9+1

3.20180703.2~deb8u1

3.20180703.2~deb9u1

3.20180703.2

3.20180807a.1~bpo8+1

3.20180807a.1~bpo9+1

3.20180807a.1~deb8u1

3.20180807a.1~deb9u1

3.20180807a.1

3.20180807a.2~bpo8+1

3.20180807a.2~bpo9+1

3.20180807a.2~deb9u1

3.20180807a.2

3.20190312.1~bpo9+1

3.20190312.1

3.20190514.1~deb8u1

3.20190514.1~deb9u1

3.20190514.1

3.20190618.1~deb8u1

3.20190618.1~deb9u1

3.20190618.1

3.20190918.1

3.20191112.1~deb9u1

3.20191112.1~deb10u1

3.20191112.1

3.20191113.1

3.20191115.1~deb9u1

3.20191115.1~deb10u1

3.20191115.1

3.20191115.2~deb8u1

3.20191115.2~deb9u1

3.20191115.2~deb10u1

3.20191115.2

3.20200508.1

3.20200520.1

3.20200609.1~deb9u1

3.20200609.1~deb10u1

3.20200609.1

3.20200609.2~deb8u1

3.20200609.2~deb9u1

3.20200609.2~deb10u1

3.20200609.2

3.20200616.1~deb9u1

3.20200616.1~deb10u1

3.20200616.1

3.20201110.1

3.20201118.1~bpo10+1

3.20201118.1~deb9u1

3.20201118.1~deb10u1

3.20201118.1

3.20210216.1~deb10u1

3.20210216.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-24489.json"

Debian:14 / intel-microcode

Package

Name: intel-microcode
Purl: pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.20210608.1

Affected versions

0.*

0.20080131-1

0.20080220-1

0.20080401-1

0.20080910-1

0.20080910-2

0.20090330-1

0.20090927-1

0.20100826-1

0.20100914-1

0.20101123-1

0.20110428-1

0.20110915-1

0.20111110-1

0.20120606-1

1.*

1.20120606.1

1.20120606.2

1.20120606.3

1.20120606.4

1.20120606.5

1.20120606.6~bpo60+1

1.20120606.6

1.20120606.v2.1

1.20120606.v2.2~bpo60+1

1.20120606.v2.2

1.20130222.1~bpo60+1

1.20130222.1

1.20130222.3

1.20130222.4

1.20130222.5

1.20130222.6

1.20130808.1

1.20130808.2

1.20130906.1

1.20140122.1~bpo60+1

1.20140122.1

1.20140430.1~bpo60+1

1.20140430.1

1.20140624.1~bpo60+1

1.20140624.1

1.20140913.1~bpo60+1

1.20140913.1

1.20150121.1

2.*

2.20130808.1~bpo70+1

2.20130808.1

2.20130906.1~bpo70+1

2.20130906.1

2.20140122.1~bpo70+1

2.20140122.1

2.20140430.1~bpo70+1

2.20140430.1

2.20140624.1~bpo70+1

2.20140624.1

3.*

3.20140913.1~bpo70+1

3.20140913.1~bpo70+2

3.20140913.1

3.20150107.1~bpo70+1

3.20150107.1

3.20150121.1~bpo70+1

3.20150121.1

3.20151106.1~bpo7+1

3.20151106.1~bpo8+1

3.20151106.1~deb8u1

3.20151106.1

3.20151106.2

3.20160607.1

3.20160607.2~bpo8+1

3.20160607.2

3.20160714.1~bpo8+1

3.20160714.1~deb8u1~bpo7+1

3.20160714.1~deb8u1

3.20160714.1

3.20161104.1~bpo8+1

3.20161104.1~deb8u1~bpo7+1

3.20161104.1~deb8u1

3.20161104.1

3.20170511.1~bpo8+1

3.20170511.1

3.20170707.1~bpo8+1

3.20170707.1~bpo9+1

3.20170707.1~deb8u1

3.20170707.1~deb9u1

3.20170707.1

3.20171117.1~bpo8+1

3.20171117.1~bpo9+1

3.20171117.1

3.20171215.1

3.20180108.1

3.20180108.1+really20171117.1

3.20180312.1~bpo8+1

3.20180312.1~bpo9+1

3.20180312.1

3.20180425.1~bpo8+1

3.20180425.1~bpo9+1

3.20180425.1~deb8u1

3.20180425.1~deb9u1

3.20180425.1

3.20180703.1

3.20180703.2~bpo8+1

3.20180703.2~bpo9+1

3.20180703.2~deb8u1

3.20180703.2~deb9u1

3.20180703.2

3.20180807a.1~bpo8+1

3.20180807a.1~bpo9+1

3.20180807a.1~deb8u1

3.20180807a.1~deb9u1

3.20180807a.1

3.20180807a.2~bpo8+1

3.20180807a.2~bpo9+1

3.20180807a.2~deb9u1

3.20180807a.2

3.20190312.1~bpo9+1

3.20190312.1

3.20190514.1~deb8u1

3.20190514.1~deb9u1

3.20190514.1

3.20190618.1~deb8u1

3.20190618.1~deb9u1

3.20190618.1

3.20190918.1

3.20191112.1~deb9u1

3.20191112.1~deb10u1

3.20191112.1

3.20191113.1

3.20191115.1~deb9u1

3.20191115.1~deb10u1

3.20191115.1

3.20191115.2~deb8u1

3.20191115.2~deb9u1

3.20191115.2~deb10u1

3.20191115.2

3.20200508.1

3.20200520.1

3.20200609.1~deb9u1

3.20200609.1~deb10u1

3.20200609.1

3.20200609.2~deb8u1

3.20200609.2~deb9u1

3.20200609.2~deb10u1

3.20200609.2

3.20200616.1~deb9u1

3.20200616.1~deb10u1

3.20200616.1

3.20201110.1

3.20201118.1~bpo10+1

3.20201118.1~deb9u1

3.20201118.1~deb10u1

3.20201118.1

3.20210216.1~deb10u1

3.20210216.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-24489.json"