CVE-2023-23583

high-risk

Published 2023-11-14

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Core I3-10100Y Firmware

Core I3-10110U Firmware

Core I3-10110Y Firmware

Core I3-1005G1 Firmware

Core I5-10500H Firmware

Core I5-10200H Firmware

Core I5-10310U Firmware

Core I5-10300H Firmware

Core I5-10400H Firmware

Core I5-10210U Firmware

Core I5-10210Y Firmware

Core I5-10310Y Firmware

Core I5-1035G1 Firmware

Core I5-1035G4 Firmware

Core I5-1035G7 Firmware

Core I7-10870H Firmware

Core I7-10610U Firmware

Core I7-10810U Firmware

Core I7-10750H Firmware

Core I7-10850H Firmware

Affected Vendors

Debian Intel Netapp

References (20)

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/4

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/5

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/6

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/7

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/8

Mailing List http://www.openwall.com/lists/oss-security/2023/11/14/9

https://lists.debian.org/debian-lts-announce/2023/12/msg00012.html

Third Party Advisory https://security.netapp.com/advisory/ntap-20231116-0015/

Third Party Advisory https://www.debian.org/security/2023/dsa-5563

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950....