Описание
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
A flaw was found in intel-microcode. Improper input validation in some Intel(R) TDX module software may allow a privileged user to enable escalation of privilege via local access.
Отчет
This vulnerability does not affect any versions of Red Hat Enterprise Linux.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | microcode_ctl | Not affected | ||
| Red Hat Enterprise Linux 7 | microcode_ctl | Not affected | ||
| Red Hat Enterprise Linux 8 | microcode_ctl | Not affected | ||
| Red Hat Enterprise Linux 9 | microcode_ctl | Not affected |
Показывать по
Дополнительная информация
Статус:
7.9 High
CVSS3
Связанные уязвимости
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before ...
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Уязвимость аппаратной доверенной среды выполнения (TEE) для развертывания виртуальных машин Intel Trust Domain Extensions (Intel TDX), связанная с неправильной проверкой входных данных, позволяющая нарушителю повысить свои привилегии
7.9 High
CVSS3