Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel® Processors did not properly implement Finite State Machines (FSMs) in Hardware Logic. A local privileged attacker could use this issue to cause a denial of service. (CVE-2024-31068)
It was discovered that some Intel® Processors with Intel® SGX did not properly restrict access to the EDECCSSA user leaf function. A local authenticated attacker could use this issue to cause a denial of service. (CVE-2024-36293)
Ke Sun, Alyssa Milburn, Benoit Morgan, and Erik Bjorge discovered that the UEFI firmware for some Intel® processors did not properly restrict access. An authenticated local attacker could use this issue to cause a denial of service. (CVE-2024-39279)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "intel-microcode", "binary_version": "3.20250211.0ubuntu0.16.04.1+esm1" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:Pro:16.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-31068" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-36293" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-39279" } ] } }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "intel-microcode", "binary_version": "3.20250211.0ubuntu0.18.04.1+esm1" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:Pro:18.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-31068" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-36293" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-39279" } ] } }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "intel-microcode", "binary_version": "3.20250211.0ubuntu0.20.04.1" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:20.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-31068" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-36293" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-39279" } ] } }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "intel-microcode", "binary_version": "3.20250211.0ubuntu0.22.04.1" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:22.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-31068" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-36293" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2024-39279" } ] } }