-------------------------------------------------------------------------
Debian LTS Advisory DLA-4002-1                [email protected]
https://www.debian.org/lts/security/                         Tobias Frost
December 23, 2024                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : intel-microcode
Version        : 3.20241112.1~deb11u1
CVE ID         : CVE-2024-23918 CVE-2024-21853 CVE-2024-21820 CVE-2024-23984
Debian Bug     : 1087532

A microcode update has been released for Intel processors, addressing multiple
vulnerabilities that could potentially allow local privilege escalation or
local DoS.

CVE-2024-23918

    Improper conditions check in some Intel(R) Xeon(R) processor memory
    controller configurations when using Intel(R) SGX may allow a privileged
    user to potentially enable escalation of privilege via local access.
    (INTEL-SA-01079)

CVE-2024-21853

    Improper finite state machines (FSMs) in the hardware logic in some 4th
    and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized
    user to potentially enable denial of service via local access.
    (INTEL-SA-01101)

CVE-2024-21820

    Incorrect default permissions in some Intel(R) Xeon(R) processor memory
    controller configurations when using Intel(R) SGX may allow a privileged
    user to potentially enable escalation of privilege via local access.
    (INTEL-SA-01079)

CVE-2024-23984 (already addressed in a previous upload; this upload adds more
processor models.)

    Observable discrepancy in RAPL interface for some Intel(R) Processors may
    allow a privileged user to potentially enable information disclosure via
    local access.



For Debian 11 bullseye, this problem has been fixed in version
3.20241112.1~deb11u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
