Описание
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| intel-microcode | fixed | 3.20240514.1 | package | |
| intel-microcode | fixed | 3.20240514.1~deb12u1 | bookworm | package |
| intel-microcode | fixed | 3.20240514.1~deb11u1 | bullseye | package |
| intel-microcode | postponed | buster | package |
Примечания
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514
EPSS
Связанные уязвимости
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Уязвимость аппаратной доверенной среды выполнения (TEE) для развертывания виртуальных машин Intel Trust Domain Extensions (Intel TDX), связанная с неправильной проверкой входных данных, позволяющая нарушителю повысить свои привилегии
EPSS