USN-6967-1
- Source
- https://ubuntu.com/security/notices/USN-6967-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6967-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-6967-1
- Upstream
- Related
- Published
- 2024-08-20T00:02:38.242930Z
- Modified
- 2025-10-13T04:38:16Z
- Summary
- intel-microcode vulnerabilities
- Details
-
It was discovered that some Intel® Core™ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-42667)
It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-49141)
It was discovered that some Intel® Processors did not correctly transition between the executive monitor and SMI transfer monitor (STM). A privileged local attacker could use this to escalate their privileges. (CVE-2024-24853)
It was discovered that some 3rd, 4th, and 5th Generation Intel® Xeon® Processors failed to properly implement a protection mechanism. A local attacker could use this to potentially escalate their privileges. (CVE-2024-24980)
It was discovered that some 3rd Generation Intel Xeon Scalable Processors did not properly handle mirrored regions with different values. A privileged local user could use this to cause a denial of service (system crash). (CVE-2024-25939)
- References
Affected packages
Ubuntu:Pro:16.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20240813.0ubuntu0.16.04.1+esm2?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20240813.0ubuntu0.16.04.1+esm2
Affected versions
3.*
3.20150121.1
3.20151106.1
3.20170707.1~ubuntu16.04.0
3.20180108.0~ubuntu16.04.2
3.20180108.0+really20170707ubuntu16.04.1
3.20180312.0~ubuntu16.04.1
3.20180425.1~ubuntu0.16.04.1
3.20180425.1~ubuntu0.16.04.2
3.20180807a.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.2
3.20190618.0ubuntu0.16.04.1
3.20191112-0ubuntu0.16.04.2
3.20191115.1ubuntu0.16.04.1
3.20191115.1ubuntu0.16.04.2
3.20200609.0ubuntu0.16.04.0
3.20200609.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.2
3.20210216.0ubuntu0.16.04.1
3.20210608.0ubuntu0.16.04.1+esm1
3.20220510.0ubuntu0.16.04.1+esm1
3.20230214.0ubuntu0.16.04.1+esm1
3.20230808.0ubuntu0.16.04.1+esm1
3.20231114.0ubuntu0.16.04.1+esm1
3.20240514.0ubuntu0.16.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "3.20240813.0ubuntu0.16.04.1+esm2",
"binary_name": "intel-microcode"
}
]
}
Database specific
{
"cves_map": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"id": "CVE-2023-42667",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-49141",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24853",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24980",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-25939",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
}
Ubuntu:Pro:18.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20240813.0ubuntu0.18.04.1+esm2?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20240813.0ubuntu0.18.04.1+esm2
Affected versions
3.*
3.20170707.1
3.20171117.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.0~ubuntu18.04.1
3.20180425.1~ubuntu0.18.04.1
3.20180425.1~ubuntu0.18.04.2
3.20180807a.0ubuntu0.18.04.1
3.20190514.0ubuntu0.18.04.2
3.20190514.0ubuntu0.18.04.3
3.20190618.0ubuntu0.18.04.1
3.20191112-0ubuntu0.18.04.2
3.20191115.1ubuntu0.18.04.1
3.20191115.1ubuntu0.18.04.2
3.20200609.0ubuntu0.18.04.0
3.20200609.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.2
3.20210216.0ubuntu0.18.04.1
3.20210608.0ubuntu0.18.04.1
3.20220510.0ubuntu0.18.04.1
3.20220809.0ubuntu0.18.04.1
3.20230214.0ubuntu0.18.04.1
3.20230808.0ubuntu0.18.04.1+esm1
3.20231114.0ubuntu0.18.04.1+esm1
3.20240514.0ubuntu0.18.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "3.20240813.0ubuntu0.18.04.1+esm2",
"binary_name": "intel-microcode"
}
]
}
Database specific
{
"cves_map": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"id": "CVE-2023-42667",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-49141",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24853",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24980",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-25939",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
}
Ubuntu:20.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20240813.0ubuntu0.20.04.2?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20240813.0ubuntu0.20.04.2
Affected versions
3.*
3.20190918.1ubuntu1
3.20191115.1ubuntu1
3.20191115.1ubuntu2
3.20191115.1ubuntu3
3.20200609.0ubuntu0.20.04.0
3.20200609.0ubuntu0.20.04.1
3.20200609.0ubuntu0.20.04.2
3.20201110.0ubuntu0.20.04.1
3.20201110.0ubuntu0.20.04.2
3.20210216.0ubuntu0.20.04.1
3.20210608.0ubuntu0.20.04.1
3.20220510.0ubuntu0.20.04.1
3.20220809.0ubuntu0.20.04.1
3.20230214.0ubuntu0.20.04.1
3.20230808.0ubuntu0.20.04.1
3.20231114.0ubuntu0.20.04.1
3.20240514.0ubuntu0.20.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.20240813.0ubuntu0.20.04.2",
"binary_name": "intel-microcode"
}
]
}
Database specific
{
"cves_map": {
"ecosystem": "Ubuntu:20.04:LTS",
"cves": [
{
"id": "CVE-2023-42667",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-49141",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24853",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24980",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-25939",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
}
Ubuntu:22.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20240813.0ubuntu0.22.04.2?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20240813.0ubuntu0.22.04.2
Affected versions
3.*
3.20210608.2ubuntu1
3.20220510.0ubuntu0.22.04.1
3.20220809.0ubuntu0.22.04.1
3.20230214.0ubuntu0.22.04.1
3.20230808.0ubuntu0.22.04.1
3.20231114.0ubuntu0.22.04.1
3.20240514.0ubuntu0.22.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.20240813.0ubuntu0.22.04.2",
"binary_name": "intel-microcode"
}
]
}
Database specific
{
"cves_map": {
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"id": "CVE-2023-42667",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-49141",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24853",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24980",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-25939",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
}
Ubuntu:24.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20240813.0ubuntu0.24.04.2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20240813.0ubuntu0.24.04.2
Affected versions
3.*
3.20230808.1
3.20231114.0ubuntu1
3.20231114.1
3.20240312.1
3.20240312.1build1
3.20240514.0ubuntu0.24.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "3.20240813.0ubuntu0.24.04.2",
"binary_name": "intel-microcode"
}
]
}
Database specific
{
"cves_map": {
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"id": "CVE-2023-42667",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2023-49141",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24853",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-24980",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2024-25939",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
}