Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.
Weakness
Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim’s system.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Intel-microcode | Ubuntu | devel | * |
| Intel-microcode | Ubuntu | esm-infra-legacy/trusty | * |
| Intel-microcode | Ubuntu | esm-infra/bionic | * |
| Intel-microcode | Ubuntu | esm-infra/focal | * |
| Intel-microcode | Ubuntu | esm-infra/xenial | * |
| Intel-microcode | Ubuntu | focal | * |
| Intel-microcode | Ubuntu | jammy | * |
| Intel-microcode | Ubuntu | noble | * |
| Intel-microcode | Ubuntu | oracular | * |
| Intel-microcode | Ubuntu | trusty/esm | * |
| Intel-microcode | Ubuntu | upstream | * |
Extended Description
The functionality and security of the system heavily depend on the implementation of FSMs. FSMs can be used to indicate the current security state of the system. Lots of secure data operations and data transfers rely on the state reported by the FSM.