{"id":"USN-6797-1","summary":"intel-microcode vulnerabilities","details":"It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors\ndid not properly restrict access to certain hardware features when using\nIntel® SGX or Intel® TDX. This may allow a privileged local user to\npotentially further escalate their privileges on the system. This issue only\naffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and\nUbuntu 16.04 LTS. (CVE-2023-22655)\n\nIt was discovered that some Intel® Atom® Processors did not properly clear\nregister state when performing various operations. A local attacker could\nuse this to obtain sensitive information via a transient execution attack.\nThis issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS,\nUbuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-28746)\n\nIt was discovered that some Intel® Processors did not properly clear the\nstate of various hardware structures when switching execution contexts. A\nlocal attacker could use this to access privileged information. This issue only\naffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and\nUbuntu 16.04 LTS. (CVE-2023-38575)\n\nIt was discovered that some Intel® Processors did not properly enforce bus\nlock regulator protections. A remote attacker could use this to cause a\ndenial of service. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS,\nUbuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-39368)\n\nIt was discovered that some Intel® Xeon® D Processors did not properly\ncalculate the SGX base key when using Intel® SGX. A privileged local\nattacker could use this to obtain sensitive information. This issue only\naffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and\nUbuntu 16.04 LTS. (CVE-2023-43490)\n\nIt was discovered that some Intel® Processors did not properly protect against\nconcurrent accesses. A local attacker could use this to obtain sensitive\ninformation. (CVE-2023-45733)\n\nIt was discovered that some Intel® Processors TDX module software did not\nproperly validate input. A privileged local attacker could use this information\nto potentially further escalate their privileges on the system.\n(CVE-2023-45745, CVE-2023-47855)\n\nIt was discovered that some Intel® Core™ Ultra processors did not properly\nhandle particular instruction sequences. A local attacker could use this\nissue to cause a denial of service. (CVE-2023-46103)\n","modified":"2026-02-10T04:43:49Z","published":"2024-05-29T07:13:42Z","related":["UBUNTU-CVE-2023-22655","UBUNTU-CVE-2023-28746","UBUNTU-CVE-2023-38575","UBUNTU-CVE-2023-39368","UBUNTU-CVE-2023-43490","UBUNTU-CVE-2023-45733","UBUNTU-CVE-2023-45745","UBUNTU-CVE-2023-46103","UBUNTU-CVE-2023-47855"],"upstream":["CVE-2023-22655","CVE-2023-28746","CVE-2023-38575","CVE-2023-39368","CVE-2023-43490","CVE-2023-45733","CVE-2023-45745","CVE-2023-46103","CVE-2023-47855","UBUNTU-CVE-2023-22655","UBUNTU-CVE-2023-28746","UBUNTU-CVE-2023-38575","UBUNTU-CVE-2023-39368","UBUNTU-CVE-2023-43490","UBUNTU-CVE-2023-45733","UBUNTU-CVE-2023-45745","UBUNTU-CVE-2023-46103","UBUNTU-CVE-2023-47855"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6797-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-22655"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-28746"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-38575"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-39368"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-43490"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-45733"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-45745"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-46103"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-47855"}],"affected":[{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20240514.0ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20240514.0ubuntu0.16.04.1+esm1"}]}],"versions":["3.20150121.1","3.20151106.1","3.20170707.1~ubuntu16.04.0","3.20180108.0~ubuntu16.04.2","3.20180108.0+really20170707ubuntu16.04.1","3.20180312.0~ubuntu16.04.1","3.20180425.1~ubuntu0.16.04.1","3.20180425.1~ubuntu0.16.04.2","3.20180807a.0ubuntu0.16.04.1","3.20190514.0ubuntu0.16.04.1","3.20190514.0ubuntu0.16.04.2","3.20190618.0ubuntu0.16.04.1","3.20191112-0ubuntu0.16.04.2","3.20191115.1ubuntu0.16.04.1","3.20191115.1ubuntu0.16.04.2","3.20200609.0ubuntu0.16.04.0","3.20200609.0ubuntu0.16.04.1","3.20201110.0ubuntu0.16.04.1","3.20201110.0ubuntu0.16.04.2","3.20210216.0ubuntu0.16.04.1","3.20210608.0ubuntu0.16.04.1+esm1","3.20220510.0ubuntu0.16.04.1+esm1","3.20230214.0ubuntu0.16.04.1+esm1","3.20230808.0ubuntu0.16.04.1+esm1","3.20231114.0ubuntu0.16.04.1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20240514.0ubuntu0.16.04.1+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6797-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[{"id":"CVE-2023-22655","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-28746","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-38575","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-39368","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-43490","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45733","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45745","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-46103","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-47855","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20240514.0ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20240514.0ubuntu0.18.04.1+esm1"}]}],"versions":["3.20170707.1","3.20171117.1","3.20180108.1","3.20180108.1+really20171117.1","3.20180312.0~ubuntu18.04.1","3.20180425.1~ubuntu0.18.04.1","3.20180425.1~ubuntu0.18.04.2","3.20180807a.0ubuntu0.18.04.1","3.20190514.0ubuntu0.18.04.2","3.20190514.0ubuntu0.18.04.3","3.20190618.0ubuntu0.18.04.1","3.20191112-0ubuntu0.18.04.2","3.20191115.1ubuntu0.18.04.1","3.20191115.1ubuntu0.18.04.2","3.20200609.0ubuntu0.18.04.0","3.20200609.0ubuntu0.18.04.1","3.20201110.0ubuntu0.18.04.1","3.20201110.0ubuntu0.18.04.2","3.20210216.0ubuntu0.18.04.1","3.20210608.0ubuntu0.18.04.1","3.20220510.0ubuntu0.18.04.1","3.20220809.0ubuntu0.18.04.1","3.20230214.0ubuntu0.18.04.1","3.20230808.0ubuntu0.18.04.1+esm1","3.20231114.0ubuntu0.18.04.1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20240514.0ubuntu0.18.04.1+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6797-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"id":"CVE-2023-22655","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-28746","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-38575","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-39368","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-43490","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45733","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45745","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-46103","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-47855","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20240514.0ubuntu0.20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20240514.0ubuntu0.20.04.1"}]}],"versions":["3.20190918.1ubuntu1","3.20191115.1ubuntu1","3.20191115.1ubuntu2","3.20191115.1ubuntu3","3.20200609.0ubuntu0.20.04.0","3.20200609.0ubuntu0.20.04.1","3.20200609.0ubuntu0.20.04.2","3.20201110.0ubuntu0.20.04.1","3.20201110.0ubuntu0.20.04.2","3.20210216.0ubuntu0.20.04.1","3.20210608.0ubuntu0.20.04.1","3.20220510.0ubuntu0.20.04.1","3.20220809.0ubuntu0.20.04.1","3.20230214.0ubuntu0.20.04.1","3.20230808.0ubuntu0.20.04.1","3.20231114.0ubuntu0.20.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20240514.0ubuntu0.20.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6797-1.json","cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2023-22655","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-28746","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-38575","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-39368","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-43490","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45733","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45745","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-46103","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-47855","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20240514.0ubuntu0.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20240514.0ubuntu0.22.04.1"}]}],"versions":["3.20210608.2ubuntu1","3.20220510.0ubuntu0.22.04.1","3.20220809.0ubuntu0.22.04.1","3.20230214.0ubuntu0.22.04.1","3.20230808.0ubuntu0.22.04.1","3.20231114.0ubuntu0.22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20240514.0ubuntu0.22.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6797-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2023-22655","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-28746","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-38575","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-39368","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-43490","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45733","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45745","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-46103","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-47855","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20240514.0ubuntu0.24.04.1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20240514.0ubuntu0.24.04.1"}]}],"versions":["3.20230808.1","3.20231114.0ubuntu1","3.20231114.1","3.20240312.1","3.20240312.1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20240514.0ubuntu0.24.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6797-1.json","cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"id":"CVE-2023-45733","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-45745","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-46103","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-47855","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}