CVE-2023-39368
Published: 12 March 2024
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
From the Ubuntu Security Team
It was discovered that some IntelĀ® Processors did not properly enforce bus lock regulator protections. A remote attacker could use this to cause a denial of service.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
intel-microcode Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| focal |
Needed
|
|
| jammy |
Needed
|
|
| mantic |
Needed
|
|
| trusty |
Ignored
(trusty doesn't support early microcode loading at runtime)
|
|
| upstream |
Needs triage
|
|
| xenial |
Needed
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |