CVE-2021-0146
https://notcve.org/view.php?id=CVE-2021-0146
Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. El hardware permite la activación de la lógica de prueba o depuración en tiempo de ejecución para algunos procesadores Intel®, lo que puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios por medio del acceso físico • https://security.netapp.com/advisory/ntap-20211210-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html •
CVE-2020-24513 – hw: information disclosure on some Intel Atom processors
https://notcve.org/view.php?id=CVE-2020-24513
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una vulnerabilidad en la ejecución transitoria de omisión de dominios en algunos procesadores Intel Atom® puede permitir a un usuario autenticado permitir potencialmente una divulgación de información por medio de un acceso local A potential domain bypass transient execution vulnerability was discovered on some Intel Atom® processors that uses a microarchitectural incidental channel. Currently this channel can reveal supervisor data in the L1 cache and the contents of recent stores. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access. • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html https://www.debian.org/security/2021/dsa-4934 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html https://access.redhat.com/security/cve/CVE-2020-24513 https://bugzilla.redhat.com/show_bug.cgi?id=1962666 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-0599
https://notcve.org/view.php?id=CVE-2020-0599
Improper access control in the PMC for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. El control de acceso inapropiado en el PMC para algunos procesadores Intel®, puede habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00360 •
CVE-2020-0559
https://notcve.org/view.php?id=CVE-2020-0559
Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Unos permisos heredados no seguros en algunos productos Intel® PROSet/Wireless WiFi en Windows* versiones 7 y 8.1 anteriores a versión 21.40.5.1, pueden permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00355.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00360.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2019-0155 – hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
https://notcve.org/view.php?id=CVE-2019-0155
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso insuficiente en un subsistema para Intel® processor graphics en 6th, 7th, 8th and 9th Generation Intel® Core(TM) Processor Families; Intel® Pentium® Processor J, N, Silver y Gold Series; Intel® Celeron® Processor J, N, G3900 y G4900 Series; Intel® Atom® Processor A y E3900 Series; Intel® Xeon® Processor E3-1500 v5 y v6, E-2100 y E-2200 Processor Families; Intel® Graphics Driver para versiones de Windows anteriores a 26.20.100.6813 (DCH) o 26.20.100.6812 y versiones anteriores a 21.20.x.5077 (también se conoce como 15.45.5077), i915 Linux Driver para Intel® Processor Graphics versiones anteriores a 5.4-rc7, 5.3. 11, 4.19.84, 4.14.154, 4.9.201, 4.4.201, puede habilitar a un usuario autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso local. A flaw was found in the Intel graphics hardware (GPU), where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to the address space required to function correctly. • http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://access.redhat.com/errata/RHSA-2019:3841 https://access.redhat.com/errata/RHSA-2019:3887 https://access.redhat.com/errata/RHSA-2019:3889 https://access.redhat.com/errata/RHSA-2019:3908 https://access.redhat.com/errata/RHSA-2020:0204 https://seclists.org/bugtraq/2019/Nov/26 https://security.netapp.com/advisory/ntap-20200320-0005 https://support.f5.com/csp/article/K73659122 • CWE-284: Improper Access Control •