CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-31146 – PCI device pass-through with shared resources
https://notcve.org/view.php?id=CVE-2024-31146
25 Sep 2024 — When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be security-supported, yet making that explicit was so far missing. Resources the sharing of which is known to be problematic include, but are not limited to - - PCI Base Address Registers (BARs) of multiple devices mapping ... • https://xenbits.xenproject.org/xsa/advisory-461.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-31145 – error handling in x86 IOMMU identity mapping
https://notcve.org/view.php?id=CVE-2024-31145
25 Sep 2024 — Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. In the logic establishing these mappings, error handling was fl... • https://xenbits.xenproject.org/xsa/advisory-460.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-23984 – Ubuntu Security Notice USN-7149-1
https://notcve.org/view.php?id=CVE-2024-23984
16 Sep 2024 — Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controller when using Intel SGX. This may allow a local privileged attacker to further escalate their privileges. It was discovered that some 4th and 5th Generation Intel Xeon Processors did not properly implement finite... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html • CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 0%CPEs: 15EXPL: 0CVE-2024-24968 – microcode_ctl: Denial of Service
https://notcve.org/view.php?id=CVE-2024-24968
16 Sep 2024 — Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. A flaw was found in intel Processors. Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to enable a denial of service via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controlle... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html • CWE-1245: Improper Finite State Machines (FSMs) in Hardware Logic •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-41996
https://notcve.org/view.php?id=CVE-2024-41996
26 Aug 2024 — Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key. • https://dheatattack.gitlab.io/details • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-44070
https://notcve.org/view.php?id=CVE-2024-44070
19 Aug 2024 — An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. • https://github.com/FRRouting/frr/pull/16497 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2023-42667
https://notcve.org/view.php?id=CVE-2023-42667
14 Aug 2024 — Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html • CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC) •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-49141
https://notcve.org/view.php?id=CVE-2023-49141
14 Aug 2024 — Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html • CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC) •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2024-24853
https://notcve.org/view.php?id=CVE-2024-24853
14 Aug 2024 — Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html • CWE-696: Incorrect Behavior Order •
CVSS: 6.9EPSS: 0%CPEs: 15EXPL: 0CVE-2024-24980
https://notcve.org/view.php?id=CVE-2024-24980
14 Aug 2024 — Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html • CWE-693: Protection Mechanism Failure •