{"id":"MGASA-2024-0377","summary":"Updated microcode packages fix security vulnerabilities","details":"Improper Finite State Machines (FSMs) in the Hardware logic in some 4th\nand 5th Generation Intel® Xeon® Processors may allow an authorized user\nto potentially enable denial of service via local access.\n(CVE-2024-21853)\nImproper conditions check in some Intel® Xeon® processor memory\ncontroller configurations when using Intel® SGX may allow a privileged\nuser to potentially enable escalation of privilege via local access.\n(CVE-2024-23918)\nIncorrect default permissions in some Intel® Xeon® processor memory\ncontroller configurations when using Intel® SGX may allow a privileged\nuser to potentially enable escalation of privilege via local access.\n(CVE-2024-21820)\n","modified":"2026-04-16T00:12:27.936875047Z","published":"2024-11-27T19:59:10Z","upstream":["CVE-2024-21820","CVE-2024-21853","CVE-2024-23918"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0377.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33770"},{"type":"WEB","url":"https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112"}],"affected":[{"package":{"name":"microcode","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20241112-1.mga9.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0377.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}