DEBIAN-CVE-2024-23984

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2024-23984
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-23984.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-23984
Upstream
Published
2024-09-16T17:16:04.810Z
Modified
2025-11-20T10:17:04.504857Z
Severity
  • 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

References

Affected packages

Debian:11 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20240910.1~deb11u1

Affected versions

0.*

0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1

1.*

1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1

2.*

2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1

3.*

3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1
3.20191115.1
3.20191115.2~deb8u1
3.20191115.2~deb9u1
3.20191115.2~deb10u1
3.20191115.2
3.20200508.1
3.20200520.1
3.20200609.1~deb9u1
3.20200609.1~deb10u1
3.20200609.1
3.20200609.2~deb8u1
3.20200609.2~deb9u1
3.20200609.2~deb10u1
3.20200609.2
3.20200616.1~deb9u1
3.20200616.1~deb10u1
3.20200616.1
3.20201110.1
3.20201118.1~bpo10+1
3.20201118.1~deb9u1
3.20201118.1~deb10u1
3.20201118.1
3.20210216.1~deb10u1
3.20210216.1
3.20210608.1
3.20210608.2~deb9u2
3.20210608.2~deb10u1
3.20210608.2
3.20220207.1~bpo11+1
3.20220207.1~deb10u1
3.20220207.1~deb11u1
3.20220207.1
3.20220510.1~deb10u1
3.20220510.1~deb11u1
3.20220510.1
3.20220809.1
3.20221108.1
3.20221108.2
3.20230214.1~deb10u1
3.20230214.1~deb11u1
3.20230214.1
3.20230512.1
3.20230808.1~deb10u1
3.20230808.1~deb11u1
3.20230808.1~deb12u1
3.20230808.1
3.20231114.1~deb10u1
3.20231114.1~deb11u1
3.20231114.1~deb12u1
3.20231114.1
3.20240312.1~deb10u1
3.20240312.1~deb11u1
3.20240312.1~deb12u1
3.20240312.1
3.20240514.1~deb11u1
3.20240514.1~deb12u1
3.20240514.1
3.20240531.1
3.20240531.1+nmu1
3.20240813.1~deb11u1
3.20240813.1~deb12u1
3.20240813.1
3.20240813.2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-23984.json"

Debian:12 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20240910.1~deb12u1

Affected versions

0.*

0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1

1.*

1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1

2.*

2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1

3.*

3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1
3.20191115.1
3.20191115.2~deb8u1
3.20191115.2~deb9u1
3.20191115.2~deb10u1
3.20191115.2
3.20200508.1
3.20200520.1
3.20200609.1~deb9u1
3.20200609.1~deb10u1
3.20200609.1
3.20200609.2~deb8u1
3.20200609.2~deb9u1
3.20200609.2~deb10u1
3.20200609.2
3.20200616.1~deb9u1
3.20200616.1~deb10u1
3.20200616.1
3.20201110.1
3.20201118.1~bpo10+1
3.20201118.1~deb9u1
3.20201118.1~deb10u1
3.20201118.1
3.20210216.1~deb10u1
3.20210216.1
3.20210608.1
3.20210608.2~deb9u2
3.20210608.2~deb10u1
3.20210608.2
3.20220207.1~bpo11+1
3.20220207.1~deb10u1
3.20220207.1~deb11u1
3.20220207.1
3.20220510.1~deb10u1
3.20220510.1~deb11u1
3.20220510.1
3.20220809.1
3.20221108.1
3.20221108.2
3.20230214.1~deb10u1
3.20230214.1~deb11u1
3.20230214.1
3.20230512.1
3.20230808.1~deb10u1
3.20230808.1~deb11u1
3.20230808.1~deb12u1
3.20230808.1
3.20231114.1~deb10u1
3.20231114.1~deb11u1
3.20231114.1~deb12u1
3.20231114.1
3.20240312.1~deb10u1
3.20240312.1~deb11u1
3.20240312.1~deb12u1
3.20240312.1
3.20240514.1~deb11u1
3.20240514.1~deb12u1
3.20240514.1
3.20240531.1
3.20240531.1+nmu1
3.20240813.1~deb11u1
3.20240813.1~deb12u1
3.20240813.1
3.20240813.2
3.20240910.1~deb11u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-23984.json"

Debian:13 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20240910.1

Affected versions

0.*

0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1

1.*

1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1

2.*

2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1

3.*

3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1
3.20191115.1
3.20191115.2~deb8u1
3.20191115.2~deb9u1
3.20191115.2~deb10u1
3.20191115.2
3.20200508.1
3.20200520.1
3.20200609.1~deb9u1
3.20200609.1~deb10u1
3.20200609.1
3.20200609.2~deb8u1
3.20200609.2~deb9u1
3.20200609.2~deb10u1
3.20200609.2
3.20200616.1~deb9u1
3.20200616.1~deb10u1
3.20200616.1
3.20201110.1
3.20201118.1~bpo10+1
3.20201118.1~deb9u1
3.20201118.1~deb10u1
3.20201118.1
3.20210216.1~deb10u1
3.20210216.1
3.20210608.1
3.20210608.2~deb9u2
3.20210608.2~deb10u1
3.20210608.2
3.20220207.1~bpo11+1
3.20220207.1~deb10u1
3.20220207.1~deb11u1
3.20220207.1
3.20220510.1~deb10u1
3.20220510.1~deb11u1
3.20220510.1
3.20220809.1
3.20221108.1
3.20221108.2
3.20230214.1~deb10u1
3.20230214.1~deb11u1
3.20230214.1
3.20230512.1
3.20230808.1~deb10u1
3.20230808.1~deb11u1
3.20230808.1~deb12u1
3.20230808.1
3.20231114.1~deb10u1
3.20231114.1~deb11u1
3.20231114.1~deb12u1
3.20231114.1
3.20240312.1~deb10u1
3.20240312.1~deb11u1
3.20240312.1~deb12u1
3.20240312.1
3.20240514.1~deb11u1
3.20240514.1~deb12u1
3.20240514.1
3.20240531.1
3.20240531.1+nmu1
3.20240813.1~deb11u1
3.20240813.1~deb12u1
3.20240813.1
3.20240813.2
3.20240910.1~deb11u1
3.20240910.1~deb12u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-23984.json"

Debian:14 / intel-microcode

Package

Name
intel-microcode
Purl
pkg:deb/debian/intel-microcode?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.20240910.1

Affected versions

0.*

0.20080131-1
0.20080220-1
0.20080401-1
0.20080910-1
0.20080910-2
0.20090330-1
0.20090927-1
0.20100826-1
0.20100914-1
0.20101123-1
0.20110428-1
0.20110915-1
0.20111110-1
0.20120606-1

1.*

1.20120606.1
1.20120606.2
1.20120606.3
1.20120606.4
1.20120606.5
1.20120606.6~bpo60+1
1.20120606.6
1.20120606.v2.1
1.20120606.v2.2~bpo60+1
1.20120606.v2.2
1.20130222.1~bpo60+1
1.20130222.1
1.20130222.3
1.20130222.4
1.20130222.5
1.20130222.6
1.20130808.1
1.20130808.2
1.20130906.1
1.20140122.1~bpo60+1
1.20140122.1
1.20140430.1~bpo60+1
1.20140430.1
1.20140624.1~bpo60+1
1.20140624.1
1.20140913.1~bpo60+1
1.20140913.1
1.20150121.1

2.*

2.20130808.1~bpo70+1
2.20130808.1
2.20130906.1~bpo70+1
2.20130906.1
2.20140122.1~bpo70+1
2.20140122.1
2.20140430.1~bpo70+1
2.20140430.1
2.20140624.1~bpo70+1
2.20140624.1

3.*

3.20140913.1~bpo70+1
3.20140913.1~bpo70+2
3.20140913.1
3.20150107.1~bpo70+1
3.20150107.1
3.20150121.1~bpo70+1
3.20150121.1
3.20151106.1~bpo7+1
3.20151106.1~bpo8+1
3.20151106.1~deb8u1
3.20151106.1
3.20151106.2
3.20160607.1
3.20160607.2~bpo8+1
3.20160607.2
3.20160714.1~bpo8+1
3.20160714.1~deb8u1~bpo7+1
3.20160714.1~deb8u1
3.20160714.1
3.20161104.1~bpo8+1
3.20161104.1~deb8u1~bpo7+1
3.20161104.1~deb8u1
3.20161104.1
3.20170511.1~bpo8+1
3.20170511.1
3.20170707.1~bpo8+1
3.20170707.1~bpo9+1
3.20170707.1~deb8u1
3.20170707.1~deb9u1
3.20170707.1
3.20171117.1~bpo8+1
3.20171117.1~bpo9+1
3.20171117.1
3.20171215.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.1~bpo8+1
3.20180312.1~bpo9+1
3.20180312.1
3.20180425.1~bpo8+1
3.20180425.1~bpo9+1
3.20180425.1~deb8u1
3.20180425.1~deb9u1
3.20180425.1
3.20180703.1
3.20180703.2~bpo8+1
3.20180703.2~bpo9+1
3.20180703.2~deb8u1
3.20180703.2~deb9u1
3.20180703.2
3.20180807a.1~bpo8+1
3.20180807a.1~bpo9+1
3.20180807a.1~deb8u1
3.20180807a.1~deb9u1
3.20180807a.1
3.20180807a.2~bpo8+1
3.20180807a.2~bpo9+1
3.20180807a.2~deb9u1
3.20180807a.2
3.20190312.1~bpo9+1
3.20190312.1
3.20190514.1~deb8u1
3.20190514.1~deb9u1
3.20190514.1
3.20190618.1~deb8u1
3.20190618.1~deb9u1
3.20190618.1
3.20190918.1
3.20191112.1~deb9u1
3.20191112.1~deb10u1
3.20191112.1
3.20191113.1
3.20191115.1~deb9u1
3.20191115.1~deb10u1
3.20191115.1
3.20191115.2~deb8u1
3.20191115.2~deb9u1
3.20191115.2~deb10u1
3.20191115.2
3.20200508.1
3.20200520.1
3.20200609.1~deb9u1
3.20200609.1~deb10u1
3.20200609.1
3.20200609.2~deb8u1
3.20200609.2~deb9u1
3.20200609.2~deb10u1
3.20200609.2
3.20200616.1~deb9u1
3.20200616.1~deb10u1
3.20200616.1
3.20201110.1
3.20201118.1~bpo10+1
3.20201118.1~deb9u1
3.20201118.1~deb10u1
3.20201118.1
3.20210216.1~deb10u1
3.20210216.1
3.20210608.1
3.20210608.2~deb9u2
3.20210608.2~deb10u1
3.20210608.2
3.20220207.1~bpo11+1
3.20220207.1~deb10u1
3.20220207.1~deb11u1
3.20220207.1
3.20220510.1~deb10u1
3.20220510.1~deb11u1
3.20220510.1
3.20220809.1
3.20221108.1
3.20221108.2
3.20230214.1~deb10u1
3.20230214.1~deb11u1
3.20230214.1
3.20230512.1
3.20230808.1~deb10u1
3.20230808.1~deb11u1
3.20230808.1~deb12u1
3.20230808.1
3.20231114.1~deb10u1
3.20231114.1~deb11u1
3.20231114.1~deb12u1
3.20231114.1
3.20240312.1~deb10u1
3.20240312.1~deb11u1
3.20240312.1~deb12u1
3.20240312.1
3.20240514.1~deb11u1
3.20240514.1~deb12u1
3.20240514.1
3.20240531.1
3.20240531.1+nmu1
3.20240813.1~deb11u1
3.20240813.1~deb12u1
3.20240813.1
3.20240813.2
3.20240910.1~deb11u1
3.20240910.1~deb12u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-23984.json"