-------------------------------------------------------------------------
Debian LTS Advisory DLA-4002-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                         Tobias Frost
December 23, 2024                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : intel-microcode
Version        : 3.20241112.1~deb11u1
CVE ID         : CVE-2024-23918 CVE-2024-21853 CVE-2024-21820 CVE-2024-23984
Debian Bug     : 1087532

A microcode update has been released for Intel processors, addressing
multiple vulnerabilities which potentially could cause local privilege
escalation or local DoS.

CVE-2024-23918

    Improper conditions check in some Intel(R) Xeon(R) processor
    memory controller configurations when using Intel(R) SGX may
    allow a privileged user to potentially enable escalation of
    privilege via local access. (INTEL-SA-01079)

CVE-2024-21853

    Improper finite state machines (FSMs) in the hardware logic in
    some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow
    an authorized user to potentially enable denial of service via
    local access. (INTEL-SA-01101)

CVE-2024-21820

    Incorrect default permissions in some Intel(R) Xeon(R) processor
    memory controller configurations when using Intel(R) SGX may
    allow a privileged user to potentially enable escalation of
    privilege via local access. (INTEL-SA-01079)

CVE-2024-23984

    (Already addressed in a previous upload; this upload adds more
    processor models.)
    Observable discrepancy in RAPL interface for some Intel(R)
    Processors may allow a privileged user to potentially enable
    information disclosure via local access.

For Debian 11 bullseye, this problem has been fixed in version
3.20241112.1~deb11u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS