CVE-2024-21823

high

Description

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/

https://lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/

http://www.openwall.com/lists/oss-security/2024/05/15/1

Details

Source: Mitre, NVD

Published: 2024-05-16

Updated: 2024-08-14

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00076

Detections

Analytics