Context Navigation

#21061 closed enhancement (fixed)

New microcode release with several CVE fixes.

Owner:	changed from blfs-book to Douglas R. Reno
Status:	new → assigned

This includes five security fixes:

INTEL-SA-01166 (CVE-2024-31068, Medium): Improper Finite State Machines (FSMs) in Hardware Logic for some Intel® Processors may allow privileged user to potentially enable denial of service via local access. For consumer chips, this affects the 12th-generation Intel Core series and higher.

INTEL-SA-01213 (CVE-2024-36293, Medium): A potential security vulnerability in some Intel® Software Guard Extensions (Intel® SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. For consumer chips, this affects the 8th-11th generation Intel Core series chips.

INTEL-SA-01139 (CVE-2023-43758 [High], CVE-2023-34440 [High], CVE-2024-24582 [High], CVE-2024-29214 [High], CVE-2024-28127 [High], CVE-2024-39279 [Medium], CVE-2024-31157 [Medium], and CVE-2024-28047 [Medium]): Potential security vulnerabilities in the UEFI firmware for some Intel® Processors may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing UEFI firmware and CPU microcode updates to mitigate these potential vulnerabilities. For consumer chips, this affects 12th/13th generation chips as well as the Core Ultra family.

INTEL-SA-01228 (CVE-2024-39355, Medium): A potential security vulnerability in some 13th and 14th Generation Intel® Core™ Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability.

INTEL-SA-01194 (CVE-2024-37020, Low): Sequence of processor instructions leads to unexpected behavior in the Intel® DSA V1.0 for some Intel® Xeon® Processors may allow an authenticated user to potentially enable denial of service via local access.

Resolution:	→ fixed
Status:	assigned → closed

SA-12.2-083 issued

Note: See TracTickets for help on using tickets.