MGASA-2025-0068

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2025-0068.html

Import Source

https://advisories.mageia.org/MGASA-2025-0068.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2025-0068

Related

Published

2025-02-17T18:37:36Z

Modified

2025-02-17T18:08:05Z

Summary

Updated microcode packages fix security vulnerabilities

Details

Improper Finite State Machines (FSMs) in Hardware Logic for some IntelÂ® Processors may allow privileged user to potentially enable denial of service via local access. (CVE-2024-31068) Improper access control in the EDECCSSA user leaf function for some IntelÂ® Processors with IntelÂ® SGX may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-36293) Improper input validation in UEFI firmware for some IntelÂ® processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-43758) Improper handling of physical or environmental conditions in some IntelÂ® Processors may allow an authenticated user to enable denial of service via local access. (CVE-2024-39355) Sequence of processor instructions leads to unexpected behavior in the IntelÂ® DSA V1.0 for some IntelÂ® XeonÂ® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-37020)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / microcode

Package

Name: microcode
Purl: pkg:rpm/mageia/microcode?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.20250211-1.mga9.nonfree

Ecosystem specific

{
    "section": "nonfree"
}