[USN-5535-1] Intel Microcode vulnerabilities
Several security issues were fixed in Intel Microcode.
Joseph Nuzman discovered that some Intel processors did not properly
initialise shared resources. A local attacker could use this to obtain
sensitive information. (CVE-2021-0145)
Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel
processors did not prevent test and debug logic from being activated at
runtime. A local attacker could use this to escalate
privileges. (CVE-2021-0146)
It was discovered that some Intel processors did not implement sufficient
control flow management. A local attacker could use this to cause a denial
of service (system crash). (CVE-2021-0127)
It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123,
CVE-2022-21127)
It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21125)
Alysa Milburn, Jason Brandt, Avishai Redelman and Nir Lavi discovered that
some Intel processors improperly optimised security-critical code. A local
attacker could possibly use this to expose sensitive
information. (CVE-2022-21151)
It was discovered that some Intel processors did not properly perform
cleanup during specific special register write operations. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)
It was discovered that some Intel processors did not properly restrict
access in some situations. A local attacker could use this to obtain
sensitive information. (CVE-2021-33117)
Brandon Miller discovered that some Intel processors did not properly
restrict access in some situations. A local attacker could use this to
obtain sensitive information or a remote attacker could use this to
cause a denial of service (system crash). (CVE-2021-33120)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/intel-microcode?distro=xenial | < 3.20220510.0ubuntu0.16.04.1+esm1 |
- ID
- USN-5535-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-5535-1
- Published
-
2022-07-28T05:31:23
(2 years ago) - Modified
-
2022-07-28T05:31:23
(2 years ago) - Other Advisories
-
- ALAS-2022-1606
- ALAS2-2022-1762
- ALAS2-2022-1800
- ALAS2-2022-1813
- ALPINE:CVE-2021-0127
- ALPINE:CVE-2021-0146
- ALPINE:CVE-2022-21123
- ALPINE:CVE-2022-21125
- ALPINE:CVE-2022-21151
- ALPINE:CVE-2022-21166
- ALSA-2022:6460
- ALSA-2022:8267
- DSA-5173-1
- DSA-5178-1
- DSA-5184-1
- ELSA-2022-5937
- ELSA-2022-6460
- ELSA-2022-8267
- ELSA-2022-9481
- ELSA-2022-9482
- ELSA-2022-9483
- ELSA-2022-9484
- ELSA-2022-9485
- ELSA-2022-9486
- ELSA-2022-9507
- ELSA-2022-9508
- ELSA-2022-9670
- FEDORA-2022-177a008b98
- FEDORA-2022-2c9f8224f8
- FEDORA-2022-391e24517d
- FEDORA-2022-688cbbf106
- FEDORA-2022-925fc688c1
- FEDORA-2022-9fdae2c607
- FEDORA-2022-e718888c8b
- GLSA-202208-23
- GLSA-202402-22
- MS:CVE-2022-21123
- MS:CVE-2022-21125
- MS:CVE-2022-21127
- MS:CVE-2022-21166
- openSUSE-SU-2022:0574-1
- openSUSE-SU-2022:2177-1
- RHSA-2022:5937
- RHSA-2022:5939
- RHSA-2022:6437
- RHSA-2022:6460
- RHSA-2022:7933
- RHSA-2022:8267
- RLSA-2022:6460
- SSA:2022-237-02
- SUSE-SU-2022:0502-1
- SUSE-SU-2022:0541-1
- SUSE-SU-2022:0574-1
- SUSE-SU-2022:0575-1
- SUSE-SU-2022:0576-1
- SUSE-SU-2022:1727-1
- SUSE-SU-2022:1728-1
- SUSE-SU-2022:1732-1
- SUSE-SU-2022:1744-1
- SUSE-SU-2022:1747-1
- SUSE-SU-2022:2077-1
- SUSE-SU-2022:2078-1
- SUSE-SU-2022:2079-1
- SUSE-SU-2022:2080-1
- SUSE-SU-2022:2082-1
- SUSE-SU-2022:2083-1
- SUSE-SU-2022:2103-1
- SUSE-SU-2022:2104-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:2116-1
- SUSE-SU-2022:2177-1
- SUSE-SU-2022:2520-1
- SUSE-SU-2022:2557-1
- SUSE-SU-2022:2560-1
- SUSE-SU-2022:2569-1
- SUSE-SU-2022:2574-1
- SUSE-SU-2022:2591-1
- SUSE-SU-2022:2597-1
- SUSE-SU-2022:2599-1
- SUSE-SU-2022:2599-2
- SUSE-SU-2022:2600-1
- SUSE-SU-2022:2601-1
- SUSE-SU-2022:2615-1
- SUSE-SU-2022:2629-1
- SUSE-SU-2023:0416-1
- USN-5484-1
- USN-5485-1
- USN-5485-2
- USN-5486-1
- USN-5505-1
- USN-5513-1
- USN-5529-1
- VMSA-2022-0016
- XSA-404
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/intel-microcode?distro=xenial | ubuntu | intel-microcode | < 3.20220510.0ubuntu0.16.04.1+esm1 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |