#VU101936 Improper finite state machines in hardware logic in Intel products - CVE-2024-21853
Published: December 27, 2024
Vulnerability identifier: #VU101936
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-21853
CWE-ID: CWE-1245
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W Processors
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W Processors
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in hardware logic. A local unprivileged user can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.