update: intel-microcode #1566

dongsupark · 2024-10-17T14:44:35Z

Name: intel-microcode
CVEs: CVE-2024-23984, CVE-2024-24968
CVSSs: 6.8, 5.6
Action Needed: update to >= 20240910

Summary:

CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html
CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html

refmap.gentoo: TBD

dongsupark · 2024-10-17T14:45:23Z

dongsupark added security security concerns advisory security advisory cvss/MEDIUM >= 4 && < 7 assessed CVSS labels Oct 17, 2024

dongsupark added this to Flatcar tactical, release planning, and roadmap Oct 17, 2024

github-project-automation bot moved this to 📝 Needs Triage in Flatcar tactical, release planning, and roadmap Oct 17, 2024

dongsupark closed this as completed Oct 17, 2024

github-project-automation bot moved this from 📝 Needs Triage to Implemented in Flatcar tactical, release planning, and roadmap Oct 17, 2024

github-actions bot mentioned this issue Oct 22, 2024

Monthly contributions report 2024-09-22 - 2024-10-21 #1568

Open

Provide feedback