Hi,
I am wondering if/when the latest round of intel firmware issues will be
addressed by Dell for my laptop XPS 13 9360.
current firmware 2.12.0 (latest on dell.com and fwupd.org)
*** Intel(R) ME Information ***
Engine: Intel(R) Converged Security and Management Engine
Version: 11.8.65.3590
They are vulnerable for this:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
CVEID: CVE-2019-0169
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0169>
Description: Heap overflow in subsystem in Intel(R) CSME before versions
11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions
3.1.70 and 4.0.20 may allow an unauthenticated user to potentially
enable escalation of privileges, information disclosure or denial of
service via adjacent access.
CVSS Base Score: 9.6 Critical
CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H>
It can't get much worse than that score :)
Greetings
Klaas
_______________________________________________
Linux-Desktops mailing list
Linux-Desktops@dell.com
https://lists.us.dell.com/mailman/listinfo/linux-desktops
Please read the FAQ at http://lists.us.dell.com/faq
