Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for xeon_platinum_8280m_firmware by intel

    CVE-2022-26373 (GCVE-0-2022-26373)

    Vulnerability from nvd – Published: 2022-08-18 00:00 – Updated: 2025-05-05 16:22
    VLAI
    Summary
    Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.895Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00706.html"
              },
              {
                "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
              },
              {
                "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221007-0005/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-26373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:22.737694Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:22:27.550Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00706.html"
            },
            {
              "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221007-0005/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-26373",
        "datePublished": "2022-08-18T00:00:00.000Z",
        "dateReserved": "2022-05-11T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:22:27.550Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14607 (GCVE-0-2019-14607)

    Vulnerability from nvd – Published: 2019-12-16 19:10 – Updated: 2024-08-05 00:19
    VLAI
    Summary
    Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel® Processors Affected: See References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:19:41.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel\u00ae Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See References"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper conditions check in multiple Intel\u00ae Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-26T03:06:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-14607",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel\u00ae Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See References"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper conditions check in multiple Intel\u00ae Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191217-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
                },
                {
                  "name": "https://www.synology.com/security/advisory/Synology_SA_19_42",
                  "refsource": "CONFIRM",
                  "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-14607",
        "datePublished": "2019-12-16T19:10:09.000Z",
        "dateReserved": "2019-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:19:41.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-0152 (GCVE-0-2019-0152)

    Vulnerability from nvd – Published: 2019-11-14 19:06 – Updated: 2024-08-04 17:44
    VLAI
    Summary
    Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Security Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:44:14.767Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Security",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-11T11:06:03.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-0152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Security",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp;utm_medium=RSS"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-0152",
        "datePublished": "2019-11-14T19:06:54.000Z",
        "dateReserved": "2018-11-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:44:14.767Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12207 (GCVE-0-2018-12207)

    Vulnerability from nvd – Published: 2019-11-14 19:08 – Updated: 2024-08-05 08:30
    VLAI
    Summary
    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL Tags
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://access.redhat.com/errata/RHSA-2019:3916 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3941 vendor-advisoryx_refsource_REDHAT
    https://usn.ubuntu.com/4186-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://access.redhat.com/errata/RHSA-2020:0026 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0028 vendor-advisoryx_refsource_REDHAT
    https://www.debian.org/security/2020/dsa-4602 vendor-advisoryx_refsource_DEBIAN
    https://seclists.org/bugtraq/2020/Jan/21 mailing-listx_refsource_BUGTRAQ
    https://access.redhat.com/errata/RHSA-2020:0204 vendor-advisoryx_refsource_REDHAT
    https://security.gentoo.org/glsa/202003-56 vendor-advisoryx_refsource_GENTOO
    https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
    https://www.intel.com/content/www/us/en/security-… x_refsource_MISC
    https://support.f5.com/csp/article/K17269881?utm_… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Machine Check Error Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:30:58.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2019-376ec5c107",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
              },
              {
                "name": "RHSA-2019:3916",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3916"
              },
              {
                "name": "RHSA-2019:3936",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3936"
              },
              {
                "name": "RHSA-2019:3941",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3941"
              },
              {
                "name": "USN-4186-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-2/"
              },
              {
                "name": "FEDORA-2019-cbb732f760",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
              },
              {
                "name": "openSUSE-SU-2019:2710",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
              },
              {
                "name": "RHSA-2020:0026",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0026"
              },
              {
                "name": "RHSA-2020:0028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0028"
              },
              {
                "name": "DSA-4602",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4602"
              },
              {
                "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2020/Jan/21"
              },
              {
                "name": "RHSA-2020:0204",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0204"
              },
              {
                "name": "GLSA-202003-56",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202003-56"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-15T02:22:57.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "FEDORA-2019-376ec5c107",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
            },
            {
              "name": "RHSA-2019:3916",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3916"
            },
            {
              "name": "RHSA-2019:3936",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3936"
            },
            {
              "name": "RHSA-2019:3941",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3941"
            },
            {
              "name": "USN-4186-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-2/"
            },
            {
              "name": "FEDORA-2019-cbb732f760",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
            },
            {
              "name": "openSUSE-SU-2019:2710",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
            },
            {
              "name": "RHSA-2020:0026",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0026"
            },
            {
              "name": "RHSA-2020:0028",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0028"
            },
            {
              "name": "DSA-4602",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "RHSA-2020:0204",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0204"
            },
            {
              "name": "GLSA-202003-56",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202003-56"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2018-12207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2019-376ec5c107",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
                },
                {
                  "name": "RHSA-2019:3916",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3916"
                },
                {
                  "name": "RHSA-2019:3936",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3936"
                },
                {
                  "name": "RHSA-2019:3941",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3941"
                },
                {
                  "name": "USN-4186-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-2/"
                },
                {
                  "name": "FEDORA-2019-cbb732f760",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
                },
                {
                  "name": "openSUSE-SU-2019:2710",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
                },
                {
                  "name": "RHSA-2020:0026",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0026"
                },
                {
                  "name": "RHSA-2020:0028",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0028"
                },
                {
                  "name": "DSA-4602",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4602"
                },
                {
                  "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2020/Jan/21"
                },
                {
                  "name": "RHSA-2020:0204",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0204"
                },
                {
                  "name": "GLSA-202003-56",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202003-56"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
                },
                {
                  "name": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-12207",
        "datePublished": "2019-11-14T19:08:45.000Z",
        "dateReserved": "2018-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:30:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11137 (GCVE-0-2019-11137)

    Vulnerability from nvd – Published: 2019-11-14 16:56 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – UEFI Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.996Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 UEFI",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-22T08:07:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11137",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 UEFI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11137",
        "datePublished": "2019-11-14T16:56:56.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11136 (GCVE-0-2019-11136)

    Vulnerability from nvd – Published: 2019-11-14 16:56 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – UEFI Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.634Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 UEFI",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-22T08:07:04.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11136",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 UEFI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11136",
        "datePublished": "2019-11-14T16:56:37.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26373 (GCVE-0-2022-26373)

    Vulnerability from cvelistv5 – Published: 2022-08-18 00:00 – Updated: 2025-05-05 16:22
    VLAI
    Summary
    Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.895Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00706.html"
              },
              {
                "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
              },
              {
                "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221007-0005/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-26373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:22.737694Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:22:27.550Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00706.html"
            },
            {
              "name": "[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221007-0005/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-26373",
        "datePublished": "2022-08-18T00:00:00.000Z",
        "dateReserved": "2022-05-11T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:22:27.550Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14607 (GCVE-0-2019-14607)

    Vulnerability from cvelistv5 – Published: 2019-12-16 19:10 – Updated: 2024-08-05 00:19
    VLAI
    Summary
    Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel® Processors Affected: See References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:19:41.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel\u00ae Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See References"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper conditions check in multiple Intel\u00ae Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-26T03:06:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-14607",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel\u00ae Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See References"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper conditions check in multiple Intel\u00ae Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191217-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191217-0002/"
                },
                {
                  "name": "https://www.synology.com/security/advisory/Synology_SA_19_42",
                  "refsource": "CONFIRM",
                  "url": "https://www.synology.com/security/advisory/Synology_SA_19_42"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-14607",
        "datePublished": "2019-12-16T19:10:09.000Z",
        "dateReserved": "2019-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:19:41.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12207 (GCVE-0-2018-12207)

    Vulnerability from cvelistv5 – Published: 2019-11-14 19:08 – Updated: 2024-08-05 08:30
    VLAI
    Summary
    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL Tags
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://access.redhat.com/errata/RHSA-2019:3916 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3941 vendor-advisoryx_refsource_REDHAT
    https://usn.ubuntu.com/4186-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://access.redhat.com/errata/RHSA-2020:0026 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0028 vendor-advisoryx_refsource_REDHAT
    https://www.debian.org/security/2020/dsa-4602 vendor-advisoryx_refsource_DEBIAN
    https://seclists.org/bugtraq/2020/Jan/21 mailing-listx_refsource_BUGTRAQ
    https://access.redhat.com/errata/RHSA-2020:0204 vendor-advisoryx_refsource_REDHAT
    https://security.gentoo.org/glsa/202003-56 vendor-advisoryx_refsource_GENTOO
    https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
    https://www.intel.com/content/www/us/en/security-… x_refsource_MISC
    https://support.f5.com/csp/article/K17269881?utm_… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Machine Check Error Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:30:58.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2019-376ec5c107",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
              },
              {
                "name": "RHSA-2019:3916",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3916"
              },
              {
                "name": "RHSA-2019:3936",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3936"
              },
              {
                "name": "RHSA-2019:3941",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3941"
              },
              {
                "name": "USN-4186-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-2/"
              },
              {
                "name": "FEDORA-2019-cbb732f760",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
              },
              {
                "name": "openSUSE-SU-2019:2710",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
              },
              {
                "name": "RHSA-2020:0026",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0026"
              },
              {
                "name": "RHSA-2020:0028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0028"
              },
              {
                "name": "DSA-4602",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4602"
              },
              {
                "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2020/Jan/21"
              },
              {
                "name": "RHSA-2020:0204",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0204"
              },
              {
                "name": "GLSA-202003-56",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202003-56"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-15T02:22:57.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "FEDORA-2019-376ec5c107",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
            },
            {
              "name": "RHSA-2019:3916",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3916"
            },
            {
              "name": "RHSA-2019:3936",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3936"
            },
            {
              "name": "RHSA-2019:3941",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3941"
            },
            {
              "name": "USN-4186-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-2/"
            },
            {
              "name": "FEDORA-2019-cbb732f760",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
            },
            {
              "name": "openSUSE-SU-2019:2710",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
            },
            {
              "name": "RHSA-2020:0026",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0026"
            },
            {
              "name": "RHSA-2020:0028",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0028"
            },
            {
              "name": "DSA-4602",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "RHSA-2020:0204",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0204"
            },
            {
              "name": "GLSA-202003-56",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202003-56"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2018-12207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2019-376ec5c107",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
                },
                {
                  "name": "RHSA-2019:3916",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3916"
                },
                {
                  "name": "RHSA-2019:3936",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3936"
                },
                {
                  "name": "RHSA-2019:3941",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3941"
                },
                {
                  "name": "USN-4186-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-2/"
                },
                {
                  "name": "FEDORA-2019-cbb732f760",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
                },
                {
                  "name": "openSUSE-SU-2019:2710",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
                },
                {
                  "name": "RHSA-2020:0026",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0026"
                },
                {
                  "name": "RHSA-2020:0028",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0028"
                },
                {
                  "name": "DSA-4602",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4602"
                },
                {
                  "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2020/Jan/21"
                },
                {
                  "name": "RHSA-2020:0204",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0204"
                },
                {
                  "name": "GLSA-202003-56",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202003-56"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
                },
                {
                  "name": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-12207",
        "datePublished": "2019-11-14T19:08:45.000Z",
        "dateReserved": "2018-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:30:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-0152 (GCVE-0-2019-0152)

    Vulnerability from cvelistv5 – Published: 2019-11-14 19:06 – Updated: 2024-08-04 17:44
    VLAI
    Summary
    Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Security Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:44:14.767Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Security",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-11T11:06:03.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-0152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Security",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03971en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K34425791?utm_source=f5support\u0026amp;utm_medium=RSS"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-0152",
        "datePublished": "2019-11-14T19:06:54.000Z",
        "dateReserved": "2018-11-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:44:14.767Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11137 (GCVE-0-2019-11137)

    Vulnerability from cvelistv5 – Published: 2019-11-14 16:56 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – UEFI Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.996Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 UEFI",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-22T08:07:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11137",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 UEFI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11137",
        "datePublished": "2019-11-14T16:56:56.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11136 (GCVE-0-2019-11136)

    Vulnerability from cvelistv5 – Published: 2019-11-14 16:56 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – UEFI Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.634Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 UEFI",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-22T08:07:04.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11136",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 UEFI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03967en_us"
                },
                {
                  "name": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K56215245?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11136",
        "datePublished": "2019-11-14T16:56:37.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }