#VU107010 Input validation error in Intel products - CVE-2024-39355
Vulnerability identifier: #VU107010
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Intel Core i9 processor 13900KS
Hardware solutions /
Firmware
Intel Core i9 processor 13900K
Hardware solutions /
Firmware
Intel Core i9 processor 13900KF
Hardware solutions /
Firmware
Intel Core i9 processor 13900F
Hardware solutions /
Firmware
Intel Core i9 processor 13900
Hardware solutions /
Firmware
Intel Core i9 processor 13900E
Hardware solutions /
Firmware
Intel Core i7 processor 13700K
Hardware solutions /
Firmware
Intel Core i7 processor 13700KF
Hardware solutions /
Firmware
Intel Core i7 processor 13790F
Hardware solutions /
Firmware
Intel Core i7 processor 13700F
Hardware solutions /
Firmware
Intel Core i7 processor 13700
Hardware solutions /
Firmware
Intel Core i5 processor 13600K
Hardware solutions /
Firmware
Intel Core i5 processor 13600KF
Hardware solutions /
Firmware
Intel Core i9 processor 14900
Hardware solutions /
Firmware
Intel Core i9 processor 14900K
Hardware solutions /
Firmware
Intel Core i9 processor 14900KS
Hardware solutions /
Firmware
Intel Core i9 processor 14900F
Hardware solutions /
Firmware
Intel Core i9 processor 14900KF
Hardware solutions /
Firmware
Intel Core i7 processor 14700
Hardware solutions /
Firmware
Intel Core i7 processor 14700F
Hardware solutions /
Firmware
Intel Core i7 processor 14700K
Hardware solutions /
Firmware
Intel Core i7 processor 14700KF
Hardware solutions /
Firmware
Intel Core i5 processor 14600K
Hardware solutions /
Firmware
Intel Core i5 processor 14600KF
Hardware solutions /
Firmware
Intel Core i9 processor 14901E
Hardware solutions /
Firmware
Intel Core i7 processor 14701E
Hardware solutions /
Firmware
Vendor: Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of physical or environmental conditions in Intel processors. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Intel Core i9 processor 13900KS: All versions
Intel Core i9 processor 13900K: All versions
Intel Core i9 processor 13900KF: All versions
Intel Core i9 processor 13900F: All versions
Intel Core i9 processor 13900: All versions
Intel Core i9 processor 13900E: All versions
Intel Core i7 processor 13700K: All versions
Intel Core i7 processor 13700KF: All versions
Intel Core i7 processor 13790F: All versions
Intel Core i7 processor 13700F: All versions
Intel Core i7 processor 13700: All versions
Intel Core i5 processor 13600K: All versions
Intel Core i5 processor 13600KF: All versions
Intel Core i9 processor 14900: All versions
Intel Core i9 processor 14900K: All versions
Intel Core i9 processor 14900KS: All versions
Intel Core i9 processor 14900F: All versions
Intel Core i9 processor 14900KF: All versions
Intel Core i7 processor 14700: All versions
Intel Core i7 processor 14700F: All versions
Intel Core i7 processor 14700K: All versions
Intel Core i7 processor 14700KF: All versions
Intel Core i5 processor 14600K: All versions
Intel Core i5 processor 14600KF: All versions
Intel Core i9 processor 14901E: All versions
Intel Core i7 processor 14701E: All versions
External links
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
