CVE-2020-8703
https://notcve.org/view.php?id=CVE-2020-8703
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access. Unas restricciones de búfer inapropiadas en un subsistema en Intel® CSME versiones anteriores a 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 y 15.0.22 pueden permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2020-24507
https://notcve.org/view.php?id=CVE-2020-24507
Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access. Una inicialización inapropiada en un subsistema en Intel® CSME versiones anteriores a 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 y 15.0.22 puede habilitar a un usuario privilegiado para permitir potencialmente una divulgación de información por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf https://security.netapp.com/advisory/ntap-20210611-0004 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html • CWE-665: Improper Initialization •
CVE-2020-8672
https://notcve.org/view.php?id=CVE-2020-8672
Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access. Una lectura fuera de límite en el firmware del BIOS para procesadores de la Serie 4000 de octava y novena generación Intel® Coreā¢, Procesador Intel® Celeron® pueden permitir a un usuario no autenticado habilitar potencialmente la elevación de privilegios o la denegación de servicio por medio de un acceso • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html • CWE-125: Out-of-bounds Read •
CVE-2020-0593
https://notcve.org/view.php?id=CVE-2020-0593
Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Unas restricciones de búfer inapropiadas en el firmware del BIOS para algunos Intel® Processors, pueden habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local • https://security.netapp.com/advisory/ntap-20201113-0001 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00358 •
CVE-2020-8696 – hw: Vector Register Leakage-Active
https://notcve.org/view.php?id=CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una eliminación inapropiada de información confidencial antes del almacenamiento o transferencia en algunos Intel® Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un acceso local A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state. • https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43 https://security.netapp.com/advisory/ntap-20201113-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381 https://access.redhat.com/security/cve/CVE-2020-8696 https://bugzilla.redhat.com/show_bug.cgi?id=1890355 https://access.redhat.com/articles/5569051 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •