Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-24968 |
CWE-ID | CWE-371 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
10th Generation Intel Core Processors Hardware solutions / Firmware 11th Generation Intel Core Processors Hardware solutions / Firmware 12th Generation Intel Core Processors Hardware solutions / Firmware 13th Generation Intel Core Processors Hardware solutions / Firmware Intel Xeon D Processors Hardware solutions / Firmware 3rd Generation Intel Xeon Scalable Processors Hardware solutions / Firmware Intel Processor Microcode Package for Linux Hardware solutions / Firmware 13th Generation Intel Core i7 processors Hardware solutions / Other hardware appliances |
Vendor | Intel |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU97423
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-24968
CWE-ID:
CWE-371 - State Issues
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper finite state machines (FSMs) in hardware logic. A local privileged user can perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versions10th Generation Intel Core Processors: All versions
11th Generation Intel Core Processors: All versions
12th Generation Intel Core Processors: All versions
13th Generation Intel Core i7 processors: All versions
13th Generation Intel Core Processors: All versions
Intel Xeon D Processors: All versions
3rd Generation Intel Xeon Scalable Processors: All versions
Intel Processor Microcode Package for Linux: 20190312 - 20240813
CPE2.3http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.