Improper finite state machines in hardware logic in Intel products - CVE-2024-21853

 


Published: December 27, 2024


Vulnerability identifier: #VU101936
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-21853
CWE-ID: CWE-1245
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Intel
Affected software:
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W Processors

Detailed vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper finite state machines in hardware logic. A local unprivileged user can perform a denial of service (DoS) attack.


How to mitigate CVE-2024-21853

Install updates from the vendor's website.
