CVE-2019-14615 – kernel: Intel graphics card information leak.
https://notcve.org/view.php?id=CVE-2019-14615
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. El flujo de control insuficiente en determinadas estructuras de datos para algunos Procesadores de Intel(R) con Intel(R) Processor Graphics, puede permitir a un usuario no autenticado habilitar potencialmente una divulgación de información por medio de un acceso local. An information disclosure flaw was found in the Linux kernel. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability is to data confidentiality. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html http://seclists.org/fulldisclosure/2020/Mar/31 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://support.apple.com/kb/HT211100 https://usn.ubuntu.com/4253-1 https://usn.ubuntu.com/4253-2 https://us • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2019-11157
https://notcve.org/view.php?id=CVE-2019-11157
Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. Una comprobación de condiciones inapropiadas en la configuración de voltaje para algunos procesadores Intel(R) pueden permitir que un usuario con privilegios pueda permitir la escalada de privilegios y/o la divulgación de información a través del acceso local. • https://security.netapp.com/advisory/ntap-20191217-0001 https://support.f5.com/csp/article/K10321239?utm_source=f5support&%3Butm_medium=RSS https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html •
CVE-2019-14607
https://notcve.org/view.php?id=CVE-2019-14607
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. La verificación de condiciones inadecuadas en múltiples procesadores Intel® puede permitir a un usuario autenticado habilitar potencialmente la escalada parcial de privilegios, la denegación de servicio y / o la divulgación de información a través del acceso local. • https://security.netapp.com/advisory/ntap-20191217-0002 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html https://www.synology.com/security/advisory/Synology_SA_19_42 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2019-0117
https://notcve.org/view.php?id=CVE-2019-0117
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. Un control de acceso insuficiente en el subsistema de memoria protegida para Intel® SGX de 6th, 7th, 8th, 9th Generation Intel® Core(TM) Processor Families; Intel® Xeon® Processor E3-1500 v5, v6 Families; Procesador Intel® Xeon® E3-1500 v5, v6 Families; Intel® Xeon® E-2100 & E-2200 Processor Families con Intel® Processor Graphics, puede habilitar a un usuario privilegiado para permitir una divulgación de información por medio de un acceso local. • https://support.f5.com/csp/article/K73837233?utm_source=f5support&%3Butm_medium=RSS https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00219.html •
CVE-2019-0124
https://notcve.org/view.php?id=CVE-2019-0124
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. Una protección insuficiente de la memoria en Intel® 6th Generation Core Processors y superiores, compatibles con TXT, puede habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local. • https://support.f5.com/csp/article/K81556107?utm_source=f5support&%3Butm_medium=RSS https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00220.html •