Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.
Weakness
Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim’s system.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat OpenShift Container Platform 4.16 | RedHat | rhcos-416.94.202411261619-0 | * |
| Intel-microcode | Ubuntu | esm-infra-legacy/trusty | * |
| Intel-microcode | Ubuntu | esm-infra/bionic | * |
| Intel-microcode | Ubuntu | esm-infra/focal | * |
| Intel-microcode | Ubuntu | esm-infra/xenial | * |
| Intel-microcode | Ubuntu | focal | * |
| Intel-microcode | Ubuntu | jammy | * |
| Intel-microcode | Ubuntu | noble | * |
| Intel-microcode | Ubuntu | trusty/esm | * |
Extended Description
The functionality and security of the system heavily depend on the implementation of FSMs. FSMs can be used to indicate the current security state of the system. Lots of secure data operations and data transfers rely on the state reported by the FSM.