Search for packages
| purl | pkg:deb/debian/intel-microcode@3.20220510.1~deb10u1 |
| Next non-vulnerable version | 3.20260227.1 |
| Latest non-vulnerable version | 3.20260227.1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1xju-dcmn-ube4
Aliases: CVE-2023-45745 |
intel-microcode: Improper input validation in some Intel(R) TDX module software |
Affected by 35 other vulnerabilities. |
|
VCID-2ues-wvyq-6qc9
Aliases: CVE-2025-32086 |
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-2ytx-vj3b-rfhb
Aliases: CVE-2022-21151 |
hw: cpu: information disclosure in certain Intel processors |
Affected by 35 other vulnerabilities. |
|
VCID-3dfb-1sgt-w3a8
Aliases: CVE-2024-25939 |
Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. |
Affected by 35 other vulnerabilities. |
|
VCID-3y3x-qqep-43ec
Aliases: CVE-2024-31157 |
microcode_ctl: Improper initialization in UEFI firmware OutOfBandXML module |
Affected by 1 other vulnerability. |
|
VCID-4429-qf2w-jqg3
Aliases: CVE-2022-21166 XSA-404 |
x86: MMIO Stale Data vulnerabilities |
Affected by 35 other vulnerabilities. |
|
VCID-4bw3-w5hz-ekd1
Aliases: CVE-2023-46103 |
intel-microcode: Unexpected behavior in Intel(R) Core(TM) Ultra Processors |
Affected by 35 other vulnerabilities. |
|
VCID-4uuw-pm94-1kak
Aliases: CVE-2025-21090 |
Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-51nr-8avm-qued
Aliases: CVE-2025-20012 |
microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-5cgx-1n9u-gqbh
Aliases: CVE-2024-45332 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-5dq7-wfyt-2uhz
Aliases: CVE-2023-39368 |
kernel: Possible Denial of Service on Intel(R) Processors |
Affected by 35 other vulnerabilities. |
|
VCID-5vkn-4rqc-qkbk
Aliases: CVE-2025-24495 |
microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-6ake-v15c-k7aq
Aliases: CVE-2024-21820 |
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-6mzy-wsz1-cyhf
Aliases: CVE-2022-33972 |
kernel: Intel firmware update for incorrect calculation in microcode keying mechanism |
Affected by 35 other vulnerabilities. |
|
VCID-6thk-vf9t-gygs
Aliases: CVE-2024-39279 |
microcode_ctl: Insufficient granularity of access control in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-6vn3-vpg9-gfbk
Aliases: CVE-2023-47855 |
intel-microcode: Improper input validation in some Intel® TDX module software |
Affected by 35 other vulnerabilities. |
|
VCID-75cx-avm7-tfcb
Aliases: CVE-2025-22889 |
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-7wcy-5hnc-tfh4
Aliases: CVE-2025-20109 |
Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-8nyc-r2e4-17gr
Aliases: CVE-2025-24305 |
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-8vx6-ctvp-8qeq
Aliases: CVE-2022-21216 |
kernel: Intel firmware update for insufficient granularity of access control in out-of-band management in some Intel Atom and Intel Xeon Scalable Processors |
Affected by 35 other vulnerabilities. |
|
VCID-9en3-y22n-wydw
Aliases: CVE-2023-43490 |
kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode |
Affected by 35 other vulnerabilities. |
|
VCID-b55f-n1ed-g7eq
Aliases: CVE-2025-20054 |
microcode_ctl: Uncaught exception in the core management mechanism |
Affected by 1 other vulnerability. |
|
VCID-bzwc-9ueu-gka1
Aliases: CVE-2024-24853 |
Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 35 other vulnerabilities. |
|
VCID-csy7-esn4-u3gq
Aliases: CVE-2022-21123 |
x86: MMIO Stale Data vulnerabilities |
Affected by 35 other vulnerabilities. |
|
VCID-dzdf-drjk-m3cj
Aliases: CVE-2023-38575 |
kernel: Local information disclosure in some Intel(R) processors |
Affected by 35 other vulnerabilities. |
|
VCID-eh71-uhnv-fqeb
Aliases: CVE-2024-39355 |
Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-ejhc-6yqt-gkgv
Aliases: CVE-2024-28956 XSA-469 |
x86: Indirect Target Selection |
Affected by 1 other vulnerability. |
|
VCID-ejsj-eyej-huc6
Aliases: CVE-2024-23918 |
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-f859-13vd-7uef
Aliases: CVE-2025-26403 |
Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-f91c-4ty9-h7a2
Aliases: CVE-2022-21233 |
hw: cpu: Intel: Stale Data Read from legacy xAPIC vulnerability |
Affected by 35 other vulnerabilities. |
|
VCID-fe46-8fs3-p3fd
Aliases: CVE-2022-41804 |
hw: Intel: Unauthorized error injection in Intel SGX or Intel TDX |
Affected by 35 other vulnerabilities. |
|
VCID-gmr7-umz8-9fhm
Aliases: CVE-2025-22839 |
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. |
Affected by 1 other vulnerability. |
|
VCID-j4ak-hjn5-guat
Aliases: CVE-2025-20623 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-j6j9-vj4t-bfa6
Aliases: CVE-2025-20053 |
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-jqnr-61tn-kben
Aliases: CVE-2023-45733 |
intel-microcode: Race conditions in some Intel(R) Processors |
Affected by 35 other vulnerabilities. |
|
VCID-jwaz-e1v9-uyep
Aliases: CVE-2022-21127 |
hw: cpu: Incomplete cleanup in specific special register read operations (aka SRBDS update) |
Affected by 35 other vulnerabilities. |
|
VCID-kha2-8ez1-gfhr
Aliases: CVE-2025-22840 |
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access |
Affected by 1 other vulnerability. |
|
VCID-mekt-8gm1-33ej
Aliases: CVE-2024-23984 |
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. |
Affected by 1 other vulnerability. |
|
VCID-mu4u-d5mc-kbgk
Aliases: CVE-2024-24980 |
Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 35 other vulnerabilities. |
|
VCID-npgb-p786-d3fe
Aliases: CVE-2023-43758 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-p2fk-8snj-x7dy
Aliases: CVE-2023-28746 XSA-452 |
x86: Register File Data Sampling |
Affected by 35 other vulnerabilities. |
|
VCID-pgps-58ra-1ugy
Aliases: CVE-2022-33196 |
kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations |
Affected by 35 other vulnerabilities. |
|
VCID-qtg5-1dxw-sfdc
Aliases: CVE-2024-29214 |
microcode_ctl: Improper input validation in UEFI firmware CseVariableStorageSmm |
Affected by 1 other vulnerability. |
|
VCID-qzcy-2xsr-vqeh
Aliases: CVE-2024-28127 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-r46f-12hj-7ybb
Aliases: CVE-2024-24968 |
microcode_ctl: Denial of Service |
Affected by 1 other vulnerability. |
|
VCID-t56a-46c7-fybe
Aliases: CVE-2023-23908 |
hw: Intel: 3rd Generation processors may allow information disclosure |
Affected by 35 other vulnerabilities. |
|
VCID-t7rc-zadf-cybq
Aliases: CVE-2024-28047 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-t85u-116v-7uan
Aliases: CVE-2024-24582 |
microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-td6e-x2qb-syg3
Aliases: CVE-2022-21125 |
x86: MMIO Stale Data vulnerabilities |
Affected by 35 other vulnerabilities. |
|
VCID-trxm-8mg3-4bbr
Aliases: CVE-2022-40982 XSA-435 |
x86/Intel: Gather Data Sampling |
Affected by 35 other vulnerabilities. |
|
VCID-uj7d-tpax-fqhd
Aliases: CVE-2023-22655 |
kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R) |
Affected by 35 other vulnerabilities. |
|
VCID-vsda-kq13-73g1
Aliases: CVE-2023-34440 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-w7k1-y36j-3ye6
Aliases: CVE-2024-21853 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wgce-vves-guek
Aliases: CVE-2024-31068 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wqfe-hkrk-nbaj
Aliases: CVE-2024-43420 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-wv5f-6x7x-7fdw
Aliases: CVE-2024-36293 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wyf3-shyh-qyhc
Aliases: CVE-2024-37020 |
Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-xb28-un42-1uag
Aliases: CVE-2023-42667 |
Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
Affected by 35 other vulnerabilities. |
|
VCID-z8gt-jznd-ryht
Aliases: CVE-2023-49141 |
Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
Affected by 35 other vulnerabilities. |
|
VCID-zcxx-ra5c-hyh9
Aliases: CVE-2025-20103 |
microcode_ctl: Insufficient resource pool in the core management mechanism |
Affected by 1 other vulnerability. |
|
VCID-ztyd-jwnm-m3gd
Aliases: CVE-2023-23583 |
hw: Intel: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior |
Affected by 35 other vulnerabilities. |
|
VCID-zx9g-4trv-hfgc
Aliases: CVE-2022-38090 |
kernel: Intel firmware update for improper isolation of shared resources |
Affected by 35 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2ytx-vj3b-rfhb | hw: cpu: information disclosure in certain Intel processors |
CVE-2022-21151
|
| VCID-4429-qf2w-jqg3 | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21166
XSA-404 |
| VCID-csy7-esn4-u3gq | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21123
|
| VCID-efqu-9zy2-xyh5 | microcode: Fast store forward predictor - Cross Domain Training |
CVE-2021-0145
|
| VCID-et7e-7pq2-eubr | hw: cpu: information disclosure in Intel® Xeon® Scalable Processors |
CVE-2021-33117
|
| VCID-f85r-c2em-vkhg | microcode: Out of bounds read for some Intel Atom processors |
CVE-2021-33120
|
| VCID-g5ab-2m1x-yqat | hw: improper isolation of shared resources in some Intel Processors |
CVE-2020-24511
|
| VCID-grm7-9n9w-ffc2 | Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. |
CVE-2021-0127
|
| VCID-jezv-tu74-b3ae | hw: Information disclosure issue in Intel SGX via RAPL interface |
CVE-2020-8695
|
| VCID-juy7-j265-cfax | hw: Vector Register Leakage-Active |
CVE-2020-8696
|
| VCID-jwaz-e1v9-uyep | hw: cpu: Incomplete cleanup in specific special register read operations (aka SRBDS update) |
CVE-2022-21127
|
| VCID-k9bk-q1ds-6ke5 | hw: vt-d related privilege escalation |
CVE-2020-24489
|
| VCID-pxy4-1vew-vffs | hw: observable timing discrepancy in some Intel Processors |
CVE-2020-24512
|
| VCID-td6e-x2qb-syg3 | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21125
|
| VCID-upx5-38qt-3kg9 | hw: Fast forward store predictor |
CVE-2020-8698
|
| VCID-x4zx-7h35-nuf6 | hw: information disclosure on some Intel Atom processors |
CVE-2020-24513
|