CVE-2020-0587
https://notcve.org/view.php?id=CVE-2020-0587
Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Una comprobación de condiciones inapropiadas en el firmware del BIOS para algunos Intel® Processors puede habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local • https://security.netapp.com/advisory/ntap-20201113-0001 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2020-0590
https://notcve.org/view.php?id=CVE-2020-0590
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Una comprobación inapropiada de la entrada en el firmware del BIOS para algunos Intel® Processors puede habilitar a un usuario autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf https://security.netapp.com/advisory/ntap-20201113-0001 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358 • CWE-20: Improper Input Validation •
CVE-2020-8696 – hw: Vector Register Leakage-Active
https://notcve.org/view.php?id=CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una eliminación inapropiada de información confidencial antes del almacenamiento o transferencia en algunos Intel® Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un acceso local A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state. • https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43 https://security.netapp.com/advisory/ntap-20201113-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381 https://access.redhat.com/security/cve/CVE-2020-8696 https://bugzilla.redhat.com/show_bug.cgi?id=1890355 https://access.redhat.com/articles/5569051 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2020-8698 – hw: Fast forward store predictor
https://notcve.org/view.php?id=CVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Un aislamiento inapropiado de los recursos compartidos en algunos Intel® Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un acceso local A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU. • https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43 https://security.netapp.com/advisory/ntap-20201113-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381 https://access.redhat.com/security/cve/CVE-2020-8698 https://bugzilla.redhat.com/show_bug.cgi?id=1890356 https • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2020-0571
https://notcve.org/view.php?id=CVE-2020-0571
Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access. Una comprobación de condiciones inapropiada en el firmware de la BIOS para los Procesadores Intel® Coreā¢ de 8va Generación y la serie de Procesadores Intel® Pentium® Silver, puede permitir a un usuario autentificado habilitar potencialmente una divulgación de información por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00347.html •