CVE-2023-23583 | INTEL-SA-00950

INTEL-SA-00950
A potential security vulnerability affecting certain Intel Processors could lead to privilege escalation, information disclosure, or denial of service. Intel has released firmware updates to address the vulnerability.

Key Takeaways:

  • The vulnerability can be exploited locally by an authenticated user.
  • The issue arises from a sequence of processor instructions.
  • The vulnerability has a CVSS Base Score of 8.8 (High).
  • Affected products include 10th and 11th Generation Intel Core processors, 3rd Generation Intel Xeon Processor Scalable Family, and Intel Xeon D Processor.
  • Microcode updates have been provided for some processors, while others have already been mitigated.
  • Users should update to the latest firmware versions provided by their system manufacturer.
  • Intel acknowledges the internal discovery and reports from Google employees regarding this vulnerability.

Source:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html