CVE-2023-23908

Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.

Published: Aug 11, 2023
Updated: Aug 24, 2023
CVE: CVE-2023-23908
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.4
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
intel / microcode	-	20230808
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x
debian / debian_linux	12.0	12.0.x
fedoraproject / fedora	37	37.x
fedoraproject / fedora	38	38.x

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
https://security.netapp.com/advisory/ntap-20230824-0003/
https://www.debian.org/security/2023/dsa-5474

Vulnerability Database

CVE-2023-23908

Deep Security Visibility Without the Complexity