MGASA-2024-0296

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0296.html

Import Source

https://advisories.mageia.org/MGASA-2024-0296.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0296

Related

Published

2024-09-11T20:42:44Z

Modified

2024-09-11T20:21:55Z

Summary

Updated microcode package fix security vulnerabilities

Details

Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-42667) Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-49141) Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24980) Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. (CVE-2024-25939)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / microcode

Package

Name: microcode
Purl: pkg:rpm/mageia/microcode?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.20240813-1.mga9.nonfree

Ecosystem specific

{
    "section": "nonfree"
}