CVE-2023-28746
Advisory lineage Upstream: 0 Downstream: 49
Deferred
Published: 14 Mar 2024, 16:45
Last modified:12 May 2026, 10:52
Vulnerability Summary
Overall Risk (default)
medium
26/100 CVSS Score
6.5 MEDIUM
v3.1 (cve.org)
EPSS Score
0.04% LOW
0% probability -0.01%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
14 Mar 2024, 16:45
Published
Vulnerability first disclosed
12 May 2026, 10:52
Last Modified
Vulnerability information updated
Description
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Metrics
- v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Trends
Current EPSS score: 0.04%• Percentile: 12%
Techniques & Countermeasures
- CWE-1342•Information Exposure through Microarchitectural State after Transient Execution
The processor does not properly clear microarchitectural state after incorrect microcode assists or speculative execution, resulting in transient execution.
References (9)
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/
- http://www.openwall.com/lists/oss-security/2024/03/12/13
- https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- http://xenbits.xen.org/xsa/advisory-452.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html