Improper Conditions Check in Intel Xeon Scalable Processors
CVE-2019-11139

6MEDIUM

Key Information:

Vendor

Debian
Status
2019.2 Ipu – Intel(r) Xeon(r) Scalable Processors Voltage Setting Modulation
Vendor
CVE Published:
14 November 2019

What is CVE-2019-11139?

An improper conditions check in the voltage modulation interface for certain Intel Xeon Scalable Processors can be exploited by a privileged user. This vulnerability has the potential to enable denial of service through local access, posing significant risks to system availability. It is crucial for users of affected Intel processors to address this issue promptly by applying relevant patches and updates provided by Intel and associated vendors.

Affected Version(s)

2019.2 IPU – Intel(R) Xeon(R) Scalable Processors Voltage Setting Modulation See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2019...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019...
vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.