ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2023.0249
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2023-0249)
Resumen:	The remote host is missing an update for the 'microcode' package(s) announced via the MGASA-2023-0249 advisory.
Descripción:	Summary: The remote host is missing an update for the 'microcode' package(s) announced via the MGASA-2023-0249 advisory. Vulnerability Insight: This update adds initial microcode updates for AMD and Intel CPUs for the following security issues: AMD: A side channel vulnerability in some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure (CVE-2023-20569). Intel: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-40982, INTEL-SA-00828). Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access (CVE-2022-41804, INTEL-SA-00837). Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access (CVE-2023-23908, INTEL-SA-00836). Affected Software/OS: 'microcode' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:L/AC:L/Au:M/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-40982 Debian Security Information: DSA-5474 (Google Search) https://www.debian.org/security/2023/dsa-5474 Debian Security Information: DSA-5475 (Google Search) https://www.debian.org/security/2023/dsa-5475 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/ https://access.redhat.com/solutions/7027704 https://aws.amazon.com/security/security-bulletins/AWS-2023-007/ https://downfall.page https://xenbits.xen.org/xsa/advisory-435.html http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2022-41804 http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html Common Vulnerability Exposure (CVE) ID: CVE-2023-20569 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/ https://comsec.ethz.ch/research/microarch/inception/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005 http://www.openwall.com/lists/oss-security/2023/08/08/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-23908 http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.