Multiple Vulnerabilities in Intel Products

Post author:shashikant redekar
Post published:November 24, 2021
Post category:Cyber Security
Post comments:0 Comments

Original Issue Date: November 22, 2021

Severity Rating: HIGH

Systems Affected

Intel® Xeon® Processor E Family

Intel® Xeon® Processor E3 v6 Family

Intel® Xeon® Processor W Family

3rd Generation Intel® Xeon® Scalable Processors

11th Generation Intel® Core¿ Processors

10th Generation Intel® Core¿ Processors

7th Generation Intel® Core¿ Processors

Intel® Core¿ X-series Processors

Intel® Celeron® Processor N Series

Intel® Pentium® Silver Processor Series

Intel® Pentium® Processor J Series, N Series

Intel® Celeron® Processor J Series, N Series

Intel® Atom® Processor A Series

Intel® Atom® Processor E3900 Series

Intel® Pentium® Processor N Series

Intel® Celeron® Processor N Series

Intel® Atom® Processor E3900 Series

Intel® Pentium® Processor Silver Series/ J&N Series

Intel® Pentium® Processor Silver Series/ J&N Series – Refresh

Intel® Atom® Processor C3000

Intel® EMA before version 1.5.0.

Intel® Core¿ i5-8305G Processor with Radeon¿ RX Vega M GL graphics before version 21.10.

Intel® Core¿ i7-8706G Processor with Radeon¿ RX Vega M GL graphics before version 21.10.

Intel® Graphics Driver for Windows® 10 64-bit for NUC8i7HNK, NUC8i7HVK before version 21.10.

Overview

Multiple vulnerabilities have been reported in Intel products which could be exploited by an attacker to escalate privileges or cause denial of service conditions on a targeted system.

Description

These vulnerabilities exist in Intel products due to Insufficient control flow management, insufficient input validation, insufficient pointer validation, Improper input validation, debug logic, Arbitrary Decrement Privilege Escalation, arbitrary read and write vulnerability, Arbitrary Free After Use, out of bounds read and write vulnerability, invalid object pointer free vulnerability, Stack Buffer Overflow, Pool/Heap Overflow, untrusted search path, heap information leak/kernel pool address disclosure and Kernel Pool Address disclosure. Successful exploitation of these vulnerabilities could allow the attacker to escalate privileges or cause denial of service conditions on a targeted system.

Solution

Apply appropriate patches as mentioned in Intel Security Bulletin: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00562.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00482.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html

Please Share This Share this content

You Might Also Like

Header splitting Vulnerability in Mozilla Products

Wish You Happy Diwali 2021 !!!

Information Disclosure Vulnerability in ThroughTek “Kalay”

Leave a Reply Cancel reply

Share this content