CVE-2024-29214

Опубликовано: 12 фев. 2025

Источник: debian

Описание

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
intel-microcode	fixed	3.20250211.1		package
intel-microcode	fixed	3.20250211.1~deb12u1	bookworm	package

Примечания

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211

Связанные уязвимости

CVE-2024-29214

CVSS3: 7.5

ubuntu

9 месяцев назад

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2024-29214

CVSS3: 7.5

redhat

9 месяцев назад

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2024-29214

CVSS3: 7.5

nvd

9 месяцев назад

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

GHSA-244r-4cqf-v63r

CVSS3: 7.5

github

9 месяцев назад

Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

BDU:2025-02127

CVSS3: 7.5

fstec

9 месяцев назад

Уязвимость модуля CseVariableStorageSmm микропрограммного обеспечения UEFI процессоров Intel, позволяющая нарушителю повысить свои привилегии