CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L
EPSS
Percentile
13.2%
Updated microcode packages fix security vulnerabilities: Insufficient granularity of access control in out-of-band management in some Intel® Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access (CVE-2022-21216 / intel-sa-00700). Incorrect default permissions in some memory controller configurations for some Intel® Xeon® Processors when using Intel® Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access (CVE-2022-33196 / intel-sa-00738). Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable information disclosure via local access (CVE-2022-33972 / intel-sa-00730). Improper isolation of shared resources in some Intel® Processors when using Intel® Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access (CVE-2022-38090 / intel-sa-00767).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | microcode | < 0.20230214-1 | microcode-0.20230214-1.mga8.nonfree |
bugs.mageia.org/show_bug.cgi?id=31581
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html