vulnerability

Oracle Linux: CVE-2023-31315: ELSA-2024-12579: linux-firmware security update (MODERATE) (Multiple Advisories)

Try Surface Command
Back to search
Severity
6
CVSS
(AV:L/AC:H/Au:M/C:C/I:C/A:C)
Published
08/09/2024
Added
08/16/2024
Modified
12/18/2024

Description

Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
A flaw was found in hw. Improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution.

Solution(s)

oracle-linux-upgrade-iwl1000-firmwareoracle-linux-upgrade-iwl100-firmwareoracle-linux-upgrade-iwl105-firmwareoracle-linux-upgrade-iwl135-firmwareoracle-linux-upgrade-iwl2000-firmwareoracle-linux-upgrade-iwl2030-firmwareoracle-linux-upgrade-iwl3160-firmwareoracle-linux-upgrade-iwl3945-firmwareoracle-linux-upgrade-iwl4965-firmwareoracle-linux-upgrade-iwl5000-firmwareoracle-linux-upgrade-iwl5150-firmwareoracle-linux-upgrade-iwl6000-firmwareoracle-linux-upgrade-iwl6000g2a-firmwareoracle-linux-upgrade-iwl6000g2b-firmwareoracle-linux-upgrade-iwl6050-firmwareoracle-linux-upgrade-iwl7260-firmwareoracle-linux-upgrade-iwlax2xx-firmwareoracle-linux-upgrade-libertas-sd8686-firmwareoracle-linux-upgrade-libertas-sd8787-firmwareoracle-linux-upgrade-libertas-usb8388-firmwareoracle-linux-upgrade-libertas-usb8388-olpc-firmwareoracle-linux-upgrade-linux-firmwareoracle-linux-upgrade-linux-firmware-coreoracle-linux-upgrade-linux-firmware-whenceoracle-linux-upgrade-liquidio-firmwareoracle-linux-upgrade-netronome-firmware

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today