Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-28746

Опубликовано: 14 мар. 2024
Источник: debian
EPSS Низкий

Описание

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
intel-microcodefixed3.20240312.1package
intel-microcodefixed3.20240312.1~deb12u1bookwormpackage
intel-microcodefixed3.20240312.1~deb11u1bullseyepackage
linuxfixed6.7.9-2package
linuxfixed6.1.82-1bookwormpackage
xenfixed4.19.0+14-g0918434e0f-1~exp1experimentalpackage
xenfixed4.19.1-1package
xenend-of-lifebullseyepackage
xenend-of-lifebusterpackage

Примечания

  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html

  • https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312

  • https://www.openwall.com/lists/oss-security/2024/03/12/13

  • https://xenbits.xen.org/xsa/advisory-452.html

  • https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/register-file-data-sampling.html

EPSS

Процентиль: 14%
0.00046
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-28746

CVSS3: 6.5
ubuntu
больше 1 года назад

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

redhat логотип

CVE-2023-28746

CVSS3: 6.5
redhat
больше 1 года назад

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

nvd логотип

CVE-2023-28746

CVSS3: 6.5
nvd
больше 1 года назад

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

msrc логотип

CVE-2023-28746

msrc
больше 1 года назад

Intel: CVE-2023-28746 Register File Data Sampling (RFDS)

github логотип

GHSA-36c8-x5g7-w9x4

CVSS3: 6.5
github
больше 1 года назад

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

EPSS

Процентиль: 14%
0.00046
Низкий