Out-of-bounds read in Intel products - CVE-2023-49144
Published: August 20, 2024
Vulnerability identifier: #VU96247
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-49144
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
4th Generation Intel Xeon Scalable Processors
5th Generation Intel Xeon Scalable processors
OpenBMC
4th Generation Intel Xeon Scalable Processors
5th Generation Intel Xeon Scalable processors
OpenBMC
Detailed vulnerability description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
How to mitigate CVE-2023-49144
Install updates from vendor's website.