#VU97423 State Issues in Intel products - CVE-2024-24968
Published: September 17, 2024
Vulnerability identifier: #VU97423
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-24968
CWE-ID: CWE-371
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
10th Generation Intel Core Processors
11th Generation Intel Core Processors
12th Generation Intel Core Processors
13th Generation Intel Core Processors
Intel Xeon D Processors
3rd Generation Intel Xeon Scalable Processors
Intel Processor Microcode Package for Linux
13th Generation Intel Core i7 processors
10th Generation Intel Core Processors
11th Generation Intel Core Processors
12th Generation Intel Core Processors
13th Generation Intel Core Processors
Intel Xeon D Processors
3rd Generation Intel Xeon Scalable Processors
Intel Processor Microcode Package for Linux
13th Generation Intel Core i7 processors
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper finite state machines (FSMs) in hardware logic. A local privileged user can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.