Описание
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
A flaw was found in intel-microcode. Improper input validation in some Intel® TDX module software may allow a privileged user to enable escalation of privileges via local access.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | microcode_ctl | Out of support scope | ||
| Red Hat Enterprise Linux 7 | microcode_ctl | Out of support scope | ||
| Red Hat Enterprise Linux 8 | microcode_ctl | Not affected | ||
| Red Hat Enterprise Linux 9 | microcode_ctl | Not affected |
Показывать по
Дополнительная информация
Статус:
6 Medium
CVSS3
Связанные уязвимости
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in some Intel(R) TDX module software before ...
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
Уязвимость аппаратной доверенной среды выполнения (TEE) для развертывания виртуальных машин Intel Trust Domain Extensions (Intel TDX), связанная с неправильной проверкой входных данных, позволяющая нарушителю повысить свои привилегии
6 Medium
CVSS3