intel-ucode

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Microcode update files for Intel CPUs
Version 20240312-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2796 20220419-1 20220510-1 Medium Fixed
AVG-2795 20220510-1 20220809-1 Medium Fixed
AVG-2051 20210216-1 20210608-1 High Fixed
AVG-1590 20210608-1 20220207-1 Medium Fixed
AVG-1588 20201118-1 20210216-1 Medium Fixed
AVG-1187 20200520-1 20200609-1 High Fixed
AVG-1068 20190918-1 20191112-1 High Fixed
AVG-582 20171117-1 20180108-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2022-21233 AVG-2795 Medium No Information disclosure
improper isolation of shared resources in some intel processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2022-21151 AVG-2796 Medium No Information disclosure
processor optimization removal or modification of security-critical code for some intel processors may allow an authenticated user to potentially enable...
CVE-2020-24513 AVG-2051 Medium No Information disclosure
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information...
CVE-2020-24512 AVG-2051 Low No Information disclosure
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24511 AVG-2051 Medium No Information disclosure
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24491 AVG-1590 Medium No Information disclosure
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to...
CVE-2020-24489 AVG-2051 High No Privilege escalation
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-8698 AVG-1588 Medium No Information disclosure
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8696 AVG-1588 Low No Information disclosure
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable...
CVE-2020-0549 AVG-1187 High No Information disclosure
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the...
CVE-2020-0548 AVG-1187 Low No Information disclosure
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register...
CVE-2020-0543 AVG-1187 High No Information disclosure
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from...
CVE-2019-11139 AVG-1068 Medium No Denial of service
It was discovered that certain Intel Xeon processors did not properly restrict access to a voltage modulation interface. A local privileged attacker could...
CVE-2019-11135 AVG-1068 High No Private key recovery
A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local...
CVE-2019-0117 AVG-1068 High No Information disclosure
A flaw was found in the implementation of SGX around the access control of protected memory. A local attacker of a system with SGX enabled and an affected...
CVE-2017-5715 AVG-582 High No Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...

Advisories

Date Advisory Group Severity Type
15 Jun 2021 ASA-202106-34 AVG-2051 High multiple issues
27 Feb 2021 ASA-202102-34 AVG-1588 Medium information disclosure
13 Jun 2020 ASA-202006-10 AVG-1187 High information disclosure
13 Nov 2019 ASA-201911-14 AVG-1068 High multiple issues
10 Jan 2018 ASA-201801-10 AVG-582 High access restriction bypass