Main Vulnerability Database Vulnerabilities #VU89676

#VU89676 Deserialization of Untrusted Data in Intel products - CVE-2024-21823

Published: May 20, 2024

Vulnerability identifier: #VU89676

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-21823

CWE-ID: CWE-502

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
4th Generation Intel Xeon Gold Processors
Intel Xeon W Processors
5th Generation Intel Xeon Scalable processors
Intel Driver and Support Assistant (DSA)
MPI Library
DSA Transparent Offload Library (DTO)
OFI Libfabric Shared Memory Provider
Data Mover Library (DML)
Query Processing Library (QPL)

Software vendor:
Intel

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.

Remediation

Install updates from vendor's website.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html

#VU89676 Deserialization of Untrusted Data in Intel products - CVE-2024-21823

Description

Remediation

External links

Please verify you're human