Intel security vulnerabilityFrom: AnonUserNewsgroups:
Tue, 10 Dec 2019 22:49 UTC
View all headers
Unexpected Page Fault in Virtualized Environment Advisory
Intel ID: INTEL-SA-00317
Advisory Category: Hardware
Impact of vulnerability: Escalation of Privilege, Denial of Service, Information Disclosure
Severity rating: MEDIUM
Original release: 12/10/2019
Last revised: 12/10/2019
Summary: A potential security vulnerability in multiple Intel® processors may allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
Description: Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2nd Generation Intel® Xeon® Scalable Processor
Intel® Xeon® Scalable Processor
Intel® Xeon® D Processors
Intel® Xeon® W Processors
8th and 9th Generation Intel® Core™ i9
Client and Xeon E3 Microprocessors
Intel® Xeon® Processor E3 v5 & v6 Family
Intel® Xeon® E Processor
6th Generation Intel® Core™ Processors
7th Generation Intel® Core™ Processors
8th Generation Intel® Core™ Processor Family
9th Generation Intel® Core™ Processors Family
10th Generation Intel® Core™ Processor Family
Intel recommends that users of Intel® Processors listed above update to the latest firmware version provided by the system manufacturer that addresses these issues.
The following issue was found internally by Intel.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Posted on RetroBBS