CVE-2024-21823

HIGH

Intel(R) DSA/Iaa - Privilege Escalation

Title source: llm

Description

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access

References (4)

Core 4

Core References

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/

Mailing List

http://www.openwall.com/lists/oss-security/2024/05/15/1

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html

Scores

CVSS v3 7.5

EPSS 0.0020

EPSS Percentile 9.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1264 CWE-400

Status published

Products (1)

n/a/Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors See references

Published May 16, 2024

Tracked Since Feb 18, 2026