Search for packages
| purl | pkg:deb/debian/intel-microcode@3.20240813.1~deb11u1 |
| Next non-vulnerable version | 3.20260227.1 |
| Latest non-vulnerable version | 3.20260227.1 |
| Risk | 3.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2ues-wvyq-6qc9
Aliases: CVE-2025-32086 |
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-38q7-4ar3-sqcc
Aliases: CVE-2025-31648 |
microcode_ctl: From CVEorg collector |
Affected by 0 other vulnerabilities. |
|
VCID-3y3x-qqep-43ec
Aliases: CVE-2024-31157 |
microcode_ctl: Improper initialization in UEFI firmware OutOfBandXML module |
Affected by 1 other vulnerability. |
|
VCID-4uuw-pm94-1kak
Aliases: CVE-2025-21090 |
Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-51nr-8avm-qued
Aliases: CVE-2025-20012 |
microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-5cgx-1n9u-gqbh
Aliases: CVE-2024-45332 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-5vkn-4rqc-qkbk
Aliases: CVE-2025-24495 |
microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-6ake-v15c-k7aq
Aliases: CVE-2024-21820 |
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-6thk-vf9t-gygs
Aliases: CVE-2024-39279 |
microcode_ctl: Insufficient granularity of access control in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-75cx-avm7-tfcb
Aliases: CVE-2025-22889 |
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-7wcy-5hnc-tfh4
Aliases: CVE-2025-20109 |
Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-8nyc-r2e4-17gr
Aliases: CVE-2025-24305 |
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-b55f-n1ed-g7eq
Aliases: CVE-2025-20054 |
microcode_ctl: Uncaught exception in the core management mechanism |
Affected by 1 other vulnerability. |
|
VCID-eh71-uhnv-fqeb
Aliases: CVE-2024-39355 |
Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-ejhc-6yqt-gkgv
Aliases: CVE-2024-28956 XSA-469 |
x86: Indirect Target Selection |
Affected by 1 other vulnerability. |
|
VCID-ejsj-eyej-huc6
Aliases: CVE-2024-23918 |
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-f859-13vd-7uef
Aliases: CVE-2025-26403 |
Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-gmr7-umz8-9fhm
Aliases: CVE-2025-22839 |
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. |
Affected by 1 other vulnerability. |
|
VCID-j4ak-hjn5-guat
Aliases: CVE-2025-20623 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-j6j9-vj4t-bfa6
Aliases: CVE-2025-20053 |
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. |
Affected by 1 other vulnerability. |
|
VCID-kha2-8ez1-gfhr
Aliases: CVE-2025-22840 |
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access |
Affected by 1 other vulnerability. |
|
VCID-mekt-8gm1-33ej
Aliases: CVE-2024-23984 |
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. |
Affected by 1 other vulnerability. |
|
VCID-npgb-p786-d3fe
Aliases: CVE-2023-43758 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-qtg5-1dxw-sfdc
Aliases: CVE-2024-29214 |
microcode_ctl: Improper input validation in UEFI firmware CseVariableStorageSmm |
Affected by 1 other vulnerability. |
|
VCID-qzcy-2xsr-vqeh
Aliases: CVE-2024-28127 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-r46f-12hj-7ybb
Aliases: CVE-2024-24968 |
microcode_ctl: Denial of Service |
Affected by 1 other vulnerability. |
|
VCID-t7rc-zadf-cybq
Aliases: CVE-2024-28047 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-t85u-116v-7uan
Aliases: CVE-2024-24582 |
microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-vsda-kq13-73g1
Aliases: CVE-2023-34440 |
microcode_ctl: Improper input validation in UEFI firmware |
Affected by 1 other vulnerability. |
|
VCID-w7k1-y36j-3ye6
Aliases: CVE-2024-21853 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wgce-vves-guek
Aliases: CVE-2024-31068 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wqfe-hkrk-nbaj
Aliases: CVE-2024-43420 |
microcode_ctl: Exposure of sensitive information |
Affected by 1 other vulnerability. |
|
VCID-wv5f-6x7x-7fdw
Aliases: CVE-2024-36293 |
kernel: microcode_ctl: From CVEorg collector |
Affected by 1 other vulnerability. |
|
VCID-wyf3-shyh-qyhc
Aliases: CVE-2024-37020 |
Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access. |
Affected by 1 other vulnerability. |
|
VCID-zcxx-ra5c-hyh9
Aliases: CVE-2025-20103 |
microcode_ctl: Insufficient resource pool in the core management mechanism |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1xju-dcmn-ube4 | intel-microcode: Improper input validation in some Intel(R) TDX module software |
CVE-2023-45745
|
| VCID-2ytx-vj3b-rfhb | hw: cpu: information disclosure in certain Intel processors |
CVE-2022-21151
|
| VCID-3dfb-1sgt-w3a8 | Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. |
CVE-2024-25939
|
| VCID-4429-qf2w-jqg3 | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21166
XSA-404 |
| VCID-4bw3-w5hz-ekd1 | intel-microcode: Unexpected behavior in Intel(R) Core(TM) Ultra Processors |
CVE-2023-46103
|
| VCID-5dq7-wfyt-2uhz | kernel: Possible Denial of Service on Intel(R) Processors |
CVE-2023-39368
|
| VCID-6mzy-wsz1-cyhf | kernel: Intel firmware update for incorrect calculation in microcode keying mechanism |
CVE-2022-33972
|
| VCID-6vn3-vpg9-gfbk | intel-microcode: Improper input validation in some Intel® TDX module software |
CVE-2023-47855
|
| VCID-8vx6-ctvp-8qeq | kernel: Intel firmware update for insufficient granularity of access control in out-of-band management in some Intel Atom and Intel Xeon Scalable Processors |
CVE-2022-21216
|
| VCID-9en3-y22n-wydw | kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode |
CVE-2023-43490
|
| VCID-bzwc-9ueu-gka1 | Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2024-24853
|
| VCID-csy7-esn4-u3gq | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21123
|
| VCID-dzdf-drjk-m3cj | kernel: Local information disclosure in some Intel(R) processors |
CVE-2023-38575
|
| VCID-f91c-4ty9-h7a2 | hw: cpu: Intel: Stale Data Read from legacy xAPIC vulnerability |
CVE-2022-21233
|
| VCID-fe46-8fs3-p3fd | hw: Intel: Unauthorized error injection in Intel SGX or Intel TDX |
CVE-2022-41804
|
| VCID-jqnr-61tn-kben | intel-microcode: Race conditions in some Intel(R) Processors |
CVE-2023-45733
|
| VCID-jwaz-e1v9-uyep | hw: cpu: Incomplete cleanup in specific special register read operations (aka SRBDS update) |
CVE-2022-21127
|
| VCID-mu4u-d5mc-kbgk | Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
CVE-2024-24980
|
| VCID-p2fk-8snj-x7dy | x86: Register File Data Sampling |
CVE-2023-28746
XSA-452 |
| VCID-pgps-58ra-1ugy | kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations |
CVE-2022-33196
|
| VCID-t56a-46c7-fybe | hw: Intel: 3rd Generation processors may allow information disclosure |
CVE-2023-23908
|
| VCID-td6e-x2qb-syg3 | x86: MMIO Stale Data vulnerabilities |
CVE-2022-21125
|
| VCID-trxm-8mg3-4bbr | x86/Intel: Gather Data Sampling |
CVE-2022-40982
XSA-435 |
| VCID-uj7d-tpax-fqhd | kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R) |
CVE-2023-22655
|
| VCID-xb28-un42-1uag | Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
CVE-2023-42667
|
| VCID-z8gt-jznd-ryht | Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
CVE-2023-49141
|
| VCID-ztyd-jwnm-m3gd | hw: Intel: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior |
CVE-2023-23583
|
| VCID-zx9g-4trv-hfgc | kernel: Intel firmware update for improper isolation of shared resources |
CVE-2022-38090
|