Headline
CVE-2023-23908
Improper access control in some 3rd Generation Intel® Xeon® Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Related news
Ubuntu Security Notice 6286-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX or Intel TDX. A local privileged user could use this to further escalate their privileges.
Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.