There are 5 open security issues in bullseye.
3 important issues:
- CVE-2024-21820:
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2024-21853:
Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.
- CVE-2024-23918:
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
2 issues postponed or untriaged:
- CVE-2024-23984:
(postponed; to be fixed through a stable update)
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2024-24968:
(postponed; to be fixed through a stable update)
Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/i/intel-microcode.png){kind=link}