Name: intel-microcode
CVEs: CVE-2023-45733, CVE-2023-45745, CVE-2023-46103, CVE-2023-47855
CVSSs: 2.8, 7.9, 4.7, 6.0
Action Needed: update to >= 20240514

Summary:

• CVE-2023-45733: Hardware logic contains race conditions in some Intel® Processors may allow an authenticated user to potentially enable partial information disclosure via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html
• CVE-2023-45745: Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
• CVE-2023-46103: Sequence of processor instructions leads to unexpected behavior in Intel® Core™ Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
• CVE-2023-47855: Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html

refmap.gentoo: TBD