vulnerability

Amazon Linux AMI 2: CVE-2021-0146: Security patch for microcode_ctl (ALAS-2022-1762)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Nov 17, 2021	Jul 4, 2022	Sep 30, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Nov 17, 2021

Added

Jul 4, 2022

Modified

Sep 30, 2022

Description

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Solutions

amazon-linux-ami-2-upgrade-microcode_ctlamazon-linux-ami-2-upgrade-microcode_ctl-debuginfo

References

AMAZON-AL2/ALAS-2022-1762
CVE-2021-0146
https://attackerkb.com/topics/CVE-2021-0146

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today