Description
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
References (6)
Core 6
Core References
Mailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
Third Party Advisory
https://www.debian.org/security/2023/dsa-5474
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230824-0003/
Scores
CVSS v3
6.0
EPSS
0.0001
EPSS Percentile
2.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (50)
debian/debian_linux
10.0
debian/debian_linux
11.0
debian/debian_linux
12.0
fedoraproject/fedora
37
fedoraproject/fedora
38
intel/microcode
< 20230808
intel/xeon_d-1513n_firmware
intel/xeon_d-1518_firmware
intel/xeon_d-1520_firmware
intel/xeon_d-1521_firmware
... and 40 more
Published
Aug 11, 2023
Tracked Since
Feb 18, 2026