CVE-2023-23583

Description

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

CVSS Metrics

• v3.1•HIGH•Score: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.28%• Percentile: 52%

Techniques & Countermeasures

• CWE-1281•Sequence of Processor Instructions Leads to Unexpected Behavior

  Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed.

• CWE-276•Incorrect Default Permissions

  During installation, installed file permissions are set to allow anyone to modify those files.

Affected Systems

• debian•debian_linux

  11.0 | 12.0

• intel•core_i3-1005g1_firmware

  na

• intel•core_i3-10100y_firmware

  na

• intel•core_i3-10110u_firmware

  na

• intel•core_i3-10110y_firmware

  na

• intel•core_i3-11100he_firmware

  na

• intel•core_i3-1110g4_firmware

  na

• intel•core_i3-1115g4_firmware

  na

• intel•core_i3-1115g4e_firmware

  na

• intel•core_i3-1115gre_firmware

  na

• intel•core_i3-1120g4_firmware

  na

• intel•core_i3-1125g4_firmware

  na

• intel•core_i5-10200h_firmware

  na

• intel•core_i5-10210u_firmware

  na

• intel•core_i5-10210y_firmware

  na

• intel•core_i5-10300h_firmware

  na

• intel•core_i5-10310u_firmware

  na

• intel•core_i5-10310y_firmware

  na

• intel•core_i5-1035g1_firmware

  na

• intel•core_i5-1035g4_firmware

  na

• intel•core_i5-1035g7_firmware

  na

• intel•core_i5-10400h_firmware

  na

• intel•core_i5-10500h_firmware

  na

• intel•core_i5-11260h_firmware

  na

• intel•core_i5-11300h_firmware

  na

• intel•core_i5-1130g7_firmware

  na

• intel•core_i5-11320h_firmware

  na

• intel•core_i5-1135g7_firmware

  na

• intel•core_i5-11400_firmware

  na

• intel•core_i5-11400f_firmware

  na

• intel•core_i5-11400h_firmware

  na

• intel•core_i5-11400t_firmware

  na

• intel•core_i5-1140g7_firmware

  na

• intel•core_i5-1145g7_firmware

  na

• intel•core_i5-1145g7e_firmware

  na

• intel•core_i5-1145gre_firmware

  na

• intel•core_i5-11500_firmware

  na

• intel•core_i5-11500h_firmware

  na

• intel•core_i5-11500he_firmware

  na

• intel•core_i5-11500t_firmware

  na

• intel•core_i5-1155g7_firmware

  na

• intel•core_i5-11600_firmware

  na

• intel•core_i5-11600k_firmware

  na

• intel•core_i5-11600kf_firmware

  na

• intel•core_i5-11600t_firmware

  na

• intel•core_i7-10510u_firmware

  na

• intel•core_i7-10510y_firmware

  na

• intel•core_i7-10610u

  na

• intel•core_i7-1065g7_firmware

  na

• intel•core_i7-10710u_firmware

  na

Showing first 50 affected entries in server-rendered view.

References (10)

• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
• http://www.openwall.com/lists/oss-security/2023/11/14/8
• http://www.openwall.com/lists/oss-security/2023/11/14/6
• http://www.openwall.com/lists/oss-security/2023/11/14/4
• http://www.openwall.com/lists/oss-security/2023/11/14/5
• http://www.openwall.com/lists/oss-security/2023/11/14/7
• http://www.openwall.com/lists/oss-security/2023/11/14/9
• https://security.netapp.com/advisory/ntap-20231116-0015/
• https://www.debian.org/security/2023/dsa-5563
• https://lists.debian.org/debian-lts-announce/2023/12/msg00012.html