Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-41804

Unauthorized error injection in Intel® SGX or Intel® TDX for some Intel® Xeon® Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE
#intel#auth

Related news

Ubuntu Security Notice USN-6286-1

Ubuntu Security Notice 6286-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX or Intel TDX. A local privileged user could use this to further escalate their privileges.

Debian Security Advisory 5474-1

Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907