{"id":"MGASA-2023-0085","summary":"Updated microcode packages fix security vulnerabilities","details":"Updated microcode packages fix security vulnerabilities:\n\nInsufficient granularity of access control in out-of-band management\nin some Intel(R) Atom and Intel Xeon Scalable Processors may allow a\nprivileged user to potentially enable escalation of privilege via\nadjacent network access (CVE-2022-21216 / intel-sa-00700).\n\nIncorrect default permissions in some memory controller configurations\nfor some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard\nExtensions which may allow a privileged user to potentially enable\nescalation of privilege via local access (CVE-2022-33196 / intel-sa-00738).\n\nIncorrect calculation in microcode keying mechanism for some 3rd\nGeneration Intel(R) Xeon(R) Scalable Processors may allow a privileged\nuser to potentially enable information disclosure via local access\n(CVE-2022-33972 / intel-sa-00730).\n\nImproper isolation of shared resources in some Intel(R) Processors when\nusing Intel(R) Software Guard Extensions may allow a privileged user to\npotentially enable information disclosure via local access\n(CVE-2022-38090 / intel-sa-00767).\n","modified":"2026-02-04T03:38:41.416358Z","published":"2023-03-11T19:00:39Z","related":["CVE-2022-21216","CVE-2022-33196","CVE-2022-33972","CVE-2022-38090"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0085.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31581"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html"}],"affected":[{"package":{"name":"microcode","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20230214-1.mga8.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0085.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}