| Package | intel-microcode |
|---|---|
| Version | 3.20241112.1~deb8u1 (jessie), 3.20241112.1~deb9u1 (stretch), 3.20241112.1~deb10u1 (buster) |
| Related CVEs | CVE-2024-21820 CVE-2024-21853 CVE-2024-23918 CVE-2024-23984 |
A microcode update has been released for Intel processors, addressing multiple vulnerabilties which potentially could cause local privileged escalation or local DoS.
CVE-2024-21820
Incorrect default permissions in some Intel(R) Xeon(R) processor memory
controller configurations when using Intel(R) SGX may allow a privileged user
to potentially enable escalation of privilege via local access.
(INTEL-SA-01079)
CVE-2024-21853
Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th
Generation Intel(R) Xeon(R) Processors may allow an authorized user to
potentially enable denial of service via local access. (INTEL-SA-01101)
CVE-2024-23918
Improper conditions check in some Intel(R) Xeon(R) processor memory controller
configurations when using Intel(R) SGX may allow a privileged user to
potentially enable escalation of privilege via local access. (INTEL-SA-01079)
CVE-2024-23984 (already adressed in a previous upload, this upload adds more processor models.)
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow
a privileged user to potentially enable information disclosure via local
access.
For Debian 10 buster, these problems have been fixed in version 3.20241112.1~deb10u1.
For Debian 8 jessie, these problems have been fixed in version 3.20241112.1~deb8u1.
For Debian 9 stretch, these problems have been fixed in version 3.20241112.1~deb9u1.
We recommend that you upgrade your intel-microcode packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.