Sequence of processor instructions leads to unexpected behavior in Intel products - CVE-2024-37020
Published: February 17, 2025
Vulnerability identifier: #VU104007
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-37020
CWE-ID: CWE-1281
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Intel Driver and Support Assistant (DSA)
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W workstation processors
5th Generation Intel Xeon Scalable processors
Intel Atom P6900 Processor
Intel Xeon 6 processor with E-cores
Intel Driver and Support Assistant (DSA)
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W workstation processors
5th Generation Intel Xeon Scalable processors
Intel Atom P6900 Processor
Intel Xeon 6 processor with E-cores
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error related to processing of Sequence of processor instructions. A local user can cause a denial of service condition on the target system.
How to mitigate CVE-2024-37020
Install updates from vendor's website.