State Issues in Intel products - CVE-2024-24968
Published: September 17, 2024
Vulnerability identifier: #VU97423
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-24968
CWE-ID: CWE-371
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
10th Generation Intel Core Processors
11th Generation Intel Core Processors
12th Generation Intel Core Processors
13th Generation Intel Core Processors
Intel Xeon D Processors
3rd Generation Intel Xeon Scalable Processors
Intel Processor Microcode Package for Linux
13th Generation Intel Core i7 processors
10th Generation Intel Core Processors
11th Generation Intel Core Processors
12th Generation Intel Core Processors
13th Generation Intel Core Processors
Intel Xeon D Processors
3rd Generation Intel Xeon Scalable Processors
Intel Processor Microcode Package for Linux
13th Generation Intel Core i7 processors
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper finite state machines (FSMs) in hardware logic. A local privileged user can perform a denial of service (DoS) attack.
How to mitigate CVE-2024-24968
Install updates from vendor's website.