Your submission was sent successfully! Close

CVE-2021-0146

Published: 17 November 2021

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Notes

AuthorNote
amurray
Updates available in upstream release https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207
Priority

Medium

CVSS 3 base score: 6.8

Status

Package Release Status
intel-microcode
Launchpad, Ubuntu, Debian
bionic
Released (3.20220510.0ubuntu0.18.04.1)
focal
Released (3.20220510.0ubuntu0.20.04.1)
impish
Released (3.20220510.0ubuntu0.21.10.1)
jammy
Released (3.20220510.0ubuntu0.22.04.1)
kinetic
Released (3.20220207.1ubuntu1)
trusty Ignored
(early microcode loading not allowed)
upstream
Released (3.20220207.1)
xenial
Released (3.20220510.0ubuntu0.16.04.1+esm1)