2024-05-14
Intel® TDX Module Software Advisory, May 14, 2024
Description: Potential security vulnerabilities in some Intel® Trust Domain Extensions (TDX) module software may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
1. Intel Code:
FCP/DNP have already merged the patch. (UPLR1 OOB) BIOS: 9536D05
2. AMI Code:
For Eagle Stream Platform: 5.32_EagleStreamCrb_0ACOR_102
INTEL-SA-01036 – Intel® TDX Module Software Advisory
- CVE-2023-45745
- INTEL-SA-01036
2024-05-14
Intel® Server Products UEFI Firmware Advisory, May 14, 2024
Description: Potential security vulnerabilities in some Intel® Server Products UEFI firmware may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
1. Intel Code:
FCP/DNP have already merged the patch. BIOS: R01.02.0001
INTEL-SA-01080 – Intel® Server Products UEFI Firmware Advisory
- CVE-2023-22662
- CVE-2024-22095
- CVE-2024-23980
- CVE-2024-24981
- CVE-2024-23487
- CVE-2024-22382
- INTEL-SA-01080
2024-05-14
Intel® Chipset Device Software Advisory, May 14, 2024
Description: A potential security vulnerability in some Intel® Chipset Device Software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.
1. Intel already provides libraries for the updated kernel version that address this SA; we suggest following the APOS list for validation.
INTEL-SA-01032 – Intel® Chipset Device Software Advisory
- CVE-2024-21814
- INTEL-SA-01032
2024-04-30
Cross-Process Information Leak, April 30, 2024
Description: Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information.
AMD-SB-7008
- CVE-2023-20593
- AMD-SB-7008
2024-04-30
Return Address Security Bulletins, April 30, 2024
Description: AMD has received an external report titled ‘INCEPTION’, describing a new speculative side-channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. This attack is similar to previous branch-prediction-based attacks such as Spectre v2 and Branch Type Confusion (BTC)/RetBleed. As with similar attacks, speculation is constrained within the current address space, and to exploit it an attacker must have knowledge of the address space and control of sufficient registers at the time of RET (return from procedure) speculation. Hence, AMD believes this vulnerability is only potentially exploitable locally, such as via downloaded malware, and recommends customers employ security best practices, including running up-to-date software and malware detection tools.
AMD is not aware of any exploit of ‘Inception’ outside the research environment at this time.
AMD-SB-7005
- CVE-2023-20569
- AMD-SB-7005
2024-04-09
AMD Response to “ZENHAMMER: Rowhammer Attacks on AMD Zen-Based Platforms”, April 09, 2024
Description: On February 26, 2024, AMD received new research related to an industry-wide DRAM issue documented in “ZENHAMMER: Rowhammering Attacks on AMD Zen-based Platforms” from researchers at ETH Zurich. The research demonstrates performing Rowhammer attacks on DDR4 and DDR5 memory using AMD “Zen” platforms. Given the history around Rowhammer, the researchers do not consider these rowhammering attacks to be a new issue.
AMD-SB-7021
2024-03-18
Intel® Chipset Driver Software Advisory, March 18, 2024
Description: Potential security vulnerabilities in some Intel® Chipset Driver Software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities.
This is related to the Intel Chipset Driver. The affected products are FCP and DNP.
INTEL-SA-00928 – Intel® Chipset Driver Software Advisory
- CVE-2023-25174
- CVE-2023-28739
- INTEL-SA-00928
2024-03-12
2024.1 IPU - Intel® Xeon® Processor Advisory, March 12, 2024
Description: A potential security vulnerability in some 3rd and 4th Generation Intel® Xeon® Processors when using Intel® Software Guard Extensions (SGX) or Intel® Trust Domain Extensions (TDX) may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability.
1. Intel Code:
FCP/DNP have already merged the patch. (PLR5) BIOS: R01.02.0001
CYP/TNP: BIOS R01.01.0009; the next BIOS release will include the fix.
2. AMI Code:
For Eagle Stream Platform: 5.32_EagleStreamCrb_0ACOR_098
INTEL-SA-00960 – 2024.1 IPU - Intel® Xeon® Processor Advisory
- CVE-2023-22655
- INTEL-SA-00960
2024-03-12
2024.1 IPU - Intel® Atom® Processor Advisory, March 12, 2024
Description: A potential security vulnerability in some Intel® Atom® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
1. Intel Code:
FCP/DNP have already merged the patch. (PLR5) BIOS: R01.02.0001
CYP/TNP: BIOS R01.01.0009; the next BIOS release will include the fix.
2. AMI Code:
For Eagle Stream Platform: 5.32_EagleStreamCrb_0ACOR_098
INTEL-SA-00898 – 2024.1 IPU - Intel® Atom® Processor Advisory
- CVE-2023-28746
- INTEL-SA-00898