Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv3

CVE-2023-23908

Published: 11/08/2023 Updated: 07/11/2023
CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8
VMScore: 0
Subscribe to Microcode

Vulnerability Summary

Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.

Vulnerable Product Search on Vulmon Subscribe to Product

intel microcode

debian debian linux 10.0

debian debian linux 11.0

debian debian linux 12.0

fedoraproject fedora 37

fedoraproject fedora 38

intel xeon_d-2745nx_firmware -

intel xeon_d-2757nx_firmware -

intel xeon_d-2777nx_firmware -

intel xeon_d-2798nx_firmware -

intel xeon_d-1702_firmware -

intel xeon_d-1712tr_firmware -

intel xeon_d-1713nt_firmware -

intel xeon_d-1713nte_firmware -

intel xeon_d-1714_firmware -

intel xeon_d-1715ter_firmware -

intel xeon_d-1718t_firmware -

intel xeon_d-1722ne_firmware -

intel xeon_d-1726_firmware -

intel xeon_d-1732te_firmware -

intel xeon_d-1733nt_firmware -

intel xeon_d-1734nt_firmware -

intel xeon_d-1735tr_firmware -

intel xeon_d-1736_firmware -

intel xeon_d-1736nt_firmware -

intel xeon_d-1739_firmware -

intel xeon_d-1746ter_firmware -

intel xeon_d-1747nte_firmware -

intel xeon_d-1748te_firmware -

intel xeon_d-1749nt_firmware -

intel xeon_d-2712t_firmware -

intel xeon_d-2733nt_firmware -

intel xeon_d-2738_firmware -

intel xeon_d-2752nte_firmware -

intel xeon_d-2752ter_firmware -

intel xeon_d-2753nt_firmware -

intel xeon_d-2766nt_firmware -

intel xeon_d-2775te_firmware -

intel xeon_d-2776nt_firmware -

intel xeon_d-2779_firmware -

intel xeon_d-2786nte_firmware -

intel xeon_d-2795nt_firmware -

intel xeon_d-2796nt_firmware -

intel xeon_d-2796te_firmware -

intel xeon_d-2798nt_firmware -

intel xeon_d-2799_firmware -

intel xeon_d-1602_firmware -

intel xeon_d-1622_firmware -

intel xeon_d-1623n_firmware -

intel xeon_d-1627_firmware -

intel xeon_d-1633n_firmware -

intel xeon_d-1637_firmware -

intel xeon_d-1649n_firmware -

intel xeon_d-1653n_firmware -

intel xeon_d-2123it_firmware -

intel xeon_d-2141i_firmware -

intel xeon_d-2142it_firmware -

intel xeon_d-2143it_firmware -

intel xeon_d-2145nt_firmware -

intel xeon_d-2146nt_firmware -

intel xeon_d-2161i_firmware -

intel xeon_d-2163it_firmware -

intel xeon_d-2166nt_firmware -

intel xeon_d-2173it_firmware -

intel xeon_d-2177nt_firmware -

intel xeon_d-2183it_firmware -

intel xeon_d-2187nt_firmware -

intel xeon_d-1513n_firmware -

intel xeon_d-1523n_firmware -

intel xeon_d-1533n_firmware -

intel xeon_d-1543n_firmware -

intel xeon_d-1553n_firmware -

intel xeon_d-1529_firmware -

intel xeon_d-1539_firmware -

intel xeon_d-1559_firmware -

intel xeon_d-1557_firmware -

intel xeon_d-1567_firmware -

intel xeon_d-1571_firmware -

intel xeon_d-1577_firmware -

intel xeon_d-1518_firmware -

intel xeon_d-1521_firmware -

intel xeon_d-1527_firmware -

intel xeon_d-1528_firmware -

intel xeon_d-1531_firmware -

intel xeon_d-1537_firmware -

intel xeon_d-1541_firmware -

intel xeon_d-1548_firmware -

intel xeon_d-1520_firmware -

intel xeon_d-1540_firmware -

intel xeon_gold_5315y_firmware -

intel xeon_gold_5317_firmware -

intel xeon_gold_5318n_firmware -

intel xeon_gold_5318s_firmware -

intel xeon_gold_5318y_firmware -

intel xeon_gold_5320_firmware -

intel xeon_gold_5320t_firmware -

intel xeon_gold_6312u_firmware -

intel xeon_gold_6314u_firmware -

intel xeon_gold_6326_firmware -

intel xeon_gold_6330_firmware -

intel xeon_gold_6330n_firmware -

intel xeon_gold_6334_firmware -

intel xeon_gold_6336y_firmware -

intel xeon_gold_6338_firmware -

intel xeon_gold_6338n_firmware -

intel xeon_gold_6338t_firmware -

intel xeon_gold_6342_firmware -

intel xeon_gold_6346_firmware -

intel xeon_gold_6348_firmware -

intel xeon_gold_6354_firmware -

intel xeon_platinum_8351n_firmware -

intel xeon_platinum_8352m_firmware -

intel xeon_platinum_8352s_firmware -

intel xeon_platinum_8352v_firmware -

intel xeon_platinum_8352y_firmware -

intel xeon_platinum_8358_firmware -

intel xeon_platinum_8358p_firmware -

intel xeon_platinum_8360y_firmware -

intel xeon_platinum_8362_firmware -

intel xeon_platinum_8368_firmware -

intel xeon_platinum_8368q_firmware -

intel xeon_platinum_8380_firmware -

intel xeon_silver_4309y_firmware -

intel xeon_silver_4310_firmware -

intel xeon_silver_4310t_firmware -

intel xeon_silver_4314_firmware -

intel xeon_silver_4316_firmware -

intel xeon_gold_6330h_firmware -

intel xeon_platinum_8356h_firmware -

intel xeon_platinum_8360h_firmware -

intel xeon_platinum_8360hl_firmware -

intel xeon_gold_5318h_firmware -

intel xeon_gold_5320h_firmware -

intel xeon_gold_6328h_firmware -

intel xeon_gold_6328hl_firmware -

intel xeon_gold_6348h_firmware -

intel xeon_platinum_8353h_firmware -

intel xeon_platinum_8354h_firmware -

intel xeon_platinum_8376h_firmware -

intel xeon_platinum_8376hl_firmware -

intel xeon_platinum_8380h_firmware -

intel xeon_platinum_8380hl_firmware -

Vendor Advisories

Debian CVElist Bug Report Logs: intel-microcode: CVE-2022-40982 CVE-2022-41804 CVE-2023-23908
Debian Bug report logs - #1043305 intel-microcode: CVE-2022-40982 CVE-2022-41804 CVE-2023-23908 Package: src:intel-microcode; Maintainer for src:intel-microcode is Henrique de Moraes Holschuh <hmh@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Aug 2023 19:27:04 UTC Severity: grave Ta ...
Debian Security Advisories: DSA-5474-1 intel-microcode -- security update
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability which allows unprivileged speculative access to data which was previously stored in vector registers For details p ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access ...

References

NVD-CWE-noinfohttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.htmlhttps://www.debian.org/security/2023/dsa-5474https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/https://lists.debian.org/debian-lts-announce/2023/08/msg00026.htmlhttps://security.netapp.com/advisory/ntap-20230824-0003/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043305https://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5474
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook