Описание
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access.
Отчет
Red Hat has very limited visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content. In most cases, it merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required for releasing this content as RHSA, in terms of Red Hat-owned development processes and QA documentation. For more information, please contact the binary content vendor.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | microcode_ctl | Out of support scope | ||
| Red Hat Enterprise Linux 7 | microcode_ctl | Fixed | RHEA-2023:4636 | 14.08.2023 |
| Red Hat Enterprise Linux 8 | microcode_ctl | Fixed | RHEA-2023:7117 | 14.11.2023 |
| Red Hat Enterprise Linux 9 | microcode_ctl | Fixed | RHEA-2023:6637 | 07.11.2023 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | redhat-virtualization-host | Fixed | RHSA-2023:5209 | 19.09.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.2 High
CVSS3
Связанные уязвимости
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some memory controller configurations ...
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Уязвимость микрокода процессоров Intel Microcode, связанная с настройками прав доступа по умолчанию, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.2 High
CVSS3