Описание
Moderate: microcode_ctl security update
The microcode_ctl packages provide microcode updates for Intel and AMD processors.
Security Fix(es):
-
microcode_ctl: Improper input validation in UEFI firmware (CVE-2024-28047)
-
microcode_ctl: Insufficient granularity of access control in UEFI firmware (CVE-2024-39279)
-
microcode_ctl: mproper initialization in UEFI firmware OutOfBandXML module (CVE-2024-31157)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 9 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 9
Связанные CVE
Исправления
- Red Hat - 2345363
- Red Hat - 2345381
- Red Hat - 2345421
Связанные уязвимости
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
Improper input validation in UEFI firmware for some Intel(R) Processor ...