EGI SVG Advisories

Advisory-EGI-SVG-2023-58

‘ALERT’ [TLP:CLEAR] Intel processor vulnerability [EGI-SVG-2023-58]

Date: 2023-11-21

A security vulnerability was found in some Intel processors potentially allowing privilege escalation, information disclosure and/or a denial of service via local access. [R 1] [R 2]

IDs AND CVSS SCORE

EGI SVG ID : EGI-SVG-2023-58

CVE ID : CVE-2023-23583

CVSS Score : 8.8 [R 1]

ACTIONS REQUIRED/RECOMMENDED

Sites running intel hardware are recommended to look at the announced information and take appropriate action.

If anyone becomes aware of any situation where this vulnerability has a significant impact on the EGI infrastructure then please inform EGI SVG.

See references below for further information, especially [R 3]

STATUS OF THIS ADVISORY

TLP:CLEAR information - Unlimited distribution

https://advisories.egi.eu/Advisory-EGI-SVG-2023-58

https://advisories.egi.eu/Advisory-SVG-CVE-2023-23583

Minor updates may be made without re-distribution to the sites.

CONTACT AND OTHER INFORMATION ON SVG

Comments or questions should be sent to svg-rat at mailman.egi.eu

Vulnerabilities relevant for EGI can be reported at report-vulnerability at egi.eu

(see [R 99] for further details, and other information on SVG)

REFERENCES

CREDITS

SVG was alerted to this vulnerability by Barbara Krasovec