#VU104007 Sequence of processor instructions leads to unexpected behavior in Intel products - CVE-2024-37020
Published: February 17, 2025
Vulnerability identifier: #VU104007
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-37020
CWE-ID: CWE-1281
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel Driver and Support Assistant (DSA)
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W workstation processors
5th Generation Intel Xeon Scalable processors
Intel Atom P6900 Processor
Intel Xeon 6 processor with E-cores
Intel Driver and Support Assistant (DSA)
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W workstation processors
5th Generation Intel Xeon Scalable processors
Intel Atom P6900 Processor
Intel Xeon 6 processor with E-cores
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error related to processing of Sequence of processor instructions. A local user can cause a denial of service condition on the target system.
Remediation
Install updates from vendor's website.