Details of VAR-202106-0345

ID

VAR-202106-0345

CVE

CVE-2020-24513

TITLE

Intel Processors Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202106-632

DESCRIPTION

Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel Processors (Intel processors) are Intel Corporation's processors that interpret computer instructions and process data in computer software. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. 6 ELS) - i386, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2303-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2303 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ==================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMAkptzjgjWX9erEAQjQaxAAiXuFV2AZ5UNVNR29EFFEaHsHDTLaeYNm ibgw81yBpSZopPqtVYoznk9JAYc2YSrgbq0/BxC+rWHRTGPom5lZumlkqc+Nkjon sGx6SXU5q9M/nPutM/p5afTXNaHbZVQojjeP9VIpF1qz94JRcJisrumAW/sS27/v Ie6wqizvXNJZq30FOmgAq3vSXJpvakZYrBZoRvdm3MUx3rqiy/Sn62VtexeJoWJf 7BVF9y24rn2r9BuG6QNKGnYTxuUHAfcTAy5laJZ7EWdpEXcSZG6SV6x40Zdg6TaV 8x6PFSbvb2woGvWfFr5so9I92X1z9MCh4vQ5hmPnoHHREXpDKcDjvmfnStNkKD3F kOvf99Ph7E4Th/NhFwAczspiZEJYbvZ7ZenKQwWd2lGnEzFdPU5g5c3n+WVyN1qZ psD/uZlryQyIUyvRPowGppm/vJfyIiDKr+yUpq3AGscs9ASpnH6120ClaQx3KutT gpUbnKDxAW7UMlg5V4A9y5jJBgW8cZGH4qKc9KeDOj1MOjOhrfClInKhfqqY6YF1 8ulHpTKFyXzFjKBST1PKhCQQ2HhG74GoG147R0yHZw+9T0+o3ovlEQTxD2yVgGua 7LQ/vJotdgvBEaYoWTz6WwphiYQpFbbyQ6E0qplPVJMMmFKhDpNKS+ama5CHnfUF 6I3FlLzt1EU=YG8p -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . For the stable distribution (buster), these problems have been fixed in version 3.20210608.2~deb10u1. Note that there are two reported regressions; for some CoffeeLake CPUs this update may break iwlwifi (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56) and some for Skylake R0/D0 CPUs on systems using a very outdated firmware/BIOS, the system may hang on boot: (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31) If you are affected by those issues, you can recover by disabling microcode loading on boot (as documented in README.Debian (also available online at https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian)) We recommend that you upgrade your intel-microcode packages. For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDXan0ACgkQEMKTtsN8 Tja9aQ//f1dHsEghQsedGnkMCIa2qLi12UFtb4yW7TYV6uwloqbYZMbymvoXYOAB haasn+yCaGUkXuAHxcGvZuN41EkRhdG4LfS5qoZxPMsw84ETjpV2Ohwhuqwf9P20 9pqV1QLjVPCMiCqvHatkzyRNPtRhIh0uCRx5HtIeOEyKTwhVnUJrrljUXCzMDviD 3As0n0yVUPDIcJdaVxp5mxyebf1NyIYMR+7wmzTBOhK6i+rEE4NkKGkcsYBIM1ch AdTQNHv78QZld6ixL8iCUe1NsSugZ2QjbVL1BLW45fJv3f0BIF5uo6LBzbiJlN/6 xWwOdFTfqW1ORyr0k6JQ+yKz3oSE+jfUStwf+zegWOjYes5gGaA/nATzzNwwFfCQ qDqMmnN26qMI3MswP50ESkNs2JTK3955cIJjnscp5DeFArDuCFKh9wcqSZ46/QCE GVRi+F/Dh3JQxv/jP8jfLhCvkBptuendGo9qK5v22QoeCRoHS16dLu7HHP34hRrw k//EgtP35pD9eTNiIsxhmx3qTPD0gbQbcMG/5NTVtpNqsffAxYtqTy8+/4lfPkNn AYtYrrG6tjEHe1gasLkjthB7c0YLzPLdNyZkNIk6XZ2YIhx18N80c7gTBERSJ1Sh 9lmsnX3+5GWM7Fx2NN2vL5xIEo0einMJCyTlNMRDLim2ix1vpZg= =RVf2 -----END PGP SIGNATURE-----

Trust: 1.8

sources: NVD: CVE-2020-24513 // VULHUB: VHN-178399 // VULMON: CVE-2020-24513 // PACKETSTORM: 163031 // PACKETSTORM: 163032 // PACKETSTORM: 163036 // PACKETSTORM: 163037 // PACKETSTORM: 163042 // PACKETSTORM: 163044 // PACKETSTORM: 163047 // PACKETSTORM: 169079

AFFECTED PRODUCTS

vendor:	intel	model:	atom c3950	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3308	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3958	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n3350	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i3-l13g4	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3708	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium silver n5000	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	p5921b	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j3455	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j4105	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x5-a3930	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	p5931b	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	p5962b	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium n4200	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3336	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n3350e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n4100	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium silver j5040	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3508	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3558	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium j6425	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium n6415	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium silver n5030	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3558rc	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x6425e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j6413	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n6211	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic et 200sp open controller	scope:	lt	version:	0209_0105	Trust: 1.0
vendor:	intel	model:	celeron j3355e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium j4205	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom p5942b	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x5-a3940	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3758	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n3450	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x5-a3960	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	intel	model:	atom c3858	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x6427fe	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3338r	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3750	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3850	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic ipc127e	scope:	lt	version:	21.01.07	Trust: 1.0
vendor:	intel	model:	atom x6211e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	core i5-l16g7	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x6212re	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j4005	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3758r	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3808	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n4000	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3538	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x5-a3950	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3436l	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x6413e	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	intel	model:	celeron n4020	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j3455e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium silver j5005	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic drive controller	scope:	eq	version:	*	Trust: 1.0
vendor:	intel	model:	atom x6200fe	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j4125	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3955	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron n4120	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	pentium n4200e	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3558r	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j3355	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	celeron j4025	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3338	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom x6425re	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	atom c3830	scope:	eq	version:	-	Trust: 1.0

sources: NVD: CVE-2020-24513

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-24513
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202106-632
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-178399
value:	LOW
Trust: 0.1
VULMON:	CVE-2020-24513
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-24513
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-178399
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-24513
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.0
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-178399 // VULMON: CVE-2020-24513 // CNNVD: CNNVD-202106-632 // NVD: CVE-2020-24513

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2020-24513

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202106-632

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202106-632

PATCH

title:	Intel Atom Processors Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155259	Trust: 0.6
title:	Red Hat: CVE-2020-24513	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2020-24513	Trust: 0.1
title:	Debian CVElist Bug Report Logs: intel-microcode: CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2021-24489 (INTEL-SA-00464, INTEL-SA-00465, INTEL-SA-00442)	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=5d902b5a89823da316827bef43ff1012	Trust: 0.1
title:	Debian Security Advisories: DSA-4934-1 intel-microcode -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4ad7d48e75ab61a8e061047171de2577	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-24513 log	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202106-34] intel-ucode: multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202106-34	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=240e27e5c8fba28153598a375a2a4130	Trust: 0.1

sources: VULMON: CVE-2020-24513 // CNNVD: CNNVD-202106-632

EXTERNAL IDS

db:	NVD	id:	CVE-2020-24513	Trust: 2.6
db:	SIEMENS	id:	SSA-309571	Trust: 1.7
db:	PACKETSTORM	id:	163031	Trust: 0.8
db:	AUSCERT	id:	ESB-2021.4047	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2537	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1996	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2088	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2258	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2243	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3443	Trust: 0.6
db:	CS-HELP	id:	SB2021062128	Trust: 0.6
db:	CS-HELP	id:	SB2021062701	Trust: 0.6
db:	CS-HELP	id:	SB2021081109	Trust: 0.6
db:	ICS CERT	id:	ICSA-21-222-05	Trust: 0.6
db:	LENOVO	id:	LEN-62742	Trust: 0.6
db:	CNNVD	id:	CNNVD-202106-632	Trust: 0.6
db:	PACKETSTORM	id:	163037	Trust: 0.2
db:	PACKETSTORM	id:	163047	Trust: 0.2
db:	PACKETSTORM	id:	163044	Trust: 0.2
db:	PACKETSTORM	id:	163042	Trust: 0.2
db:	PACKETSTORM	id:	163032	Trust: 0.2
db:	PACKETSTORM	id:	163036	Trust: 0.2
db:	PACKETSTORM	id:	163040	Trust: 0.1
db:	PACKETSTORM	id:	163043	Trust: 0.1
db:	PACKETSTORM	id:	163048	Trust: 0.1
db:	PACKETSTORM	id:	163046	Trust: 0.1
db:	VULHUB	id:	VHN-178399	Trust: 0.1
db:	VULMON	id:	CVE-2020-24513	Trust: 0.1
db:	PACKETSTORM	id:	169079	Trust: 0.1

sources: VULHUB: VHN-178399 // VULMON: CVE-2020-24513 // PACKETSTORM: 163031 // PACKETSTORM: 163032 // PACKETSTORM: 163036 // PACKETSTORM: 163037 // PACKETSTORM: 163042 // PACKETSTORM: 163044 // PACKETSTORM: 163047 // PACKETSTORM: 169079 // CNNVD: CNNVD-202106-632 // NVD: CVE-2020-24513

REFERENCES

url:	https://www.debian.org/security/2021/dsa-4934	Trust: 1.8
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html	Trust: 1.8
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf	Trust: 1.7
url:	https://access.redhat.com/security/cve/cve-2020-24513	Trust: 1.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24489	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24513	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24512	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24511	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-24511	Trust: 0.7
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.7
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.7
url:	https://access.redhat.com/articles/11258	Trust: 0.7
url:	https://access.redhat.com/security/team/key/	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2020-24489	Trust: 0.7
url:	https://bugzilla.redhat.com/):	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2020-24512	Trust: 0.7
url:	https://access.redhat.com/security/team/contact/	Trust: 0.7
url:	https://packetstormsecurity.com/files/163031/red-hat-security-advisory-2021-2299-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021081109	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-62742	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6501139	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2537	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1996	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6520482	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2243	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2088	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2258	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021062128	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021062701	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3443	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4047	Trust: 0.6
url:	https://vigilance.fr/vulnerability/intel-atom-processor-information-disclosure-via-domain-bypass-transient-execution-35665	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-222-05	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2299	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2302	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2300	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2306	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2308	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2304	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2303	Trust: 0.1
url:	https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/readme.debian))	Trust: 0.1
url:	https://github.com/intel/intel-linux-processor-microcode-data-files/issues/56)	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://github.com/intel/intel-linux-processor-microcode-data-files/issues/31)	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/intel-microcode	Trust: 0.1

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 163031 // PACKETSTORM: 163032 // PACKETSTORM: 163036 // PACKETSTORM: 163037 // PACKETSTORM: 163042 // PACKETSTORM: 163044 // PACKETSTORM: 163047

SOURCES

db:	VULHUB	id:	VHN-178399
db:	VULMON	id:	CVE-2020-24513
db:	PACKETSTORM	id:	163031
db:	PACKETSTORM	id:	163032
db:	PACKETSTORM	id:	163036
db:	PACKETSTORM	id:	163037
db:	PACKETSTORM	id:	163042
db:	PACKETSTORM	id:	163044
db:	PACKETSTORM	id:	163047
db:	PACKETSTORM	id:	169079
db:	CNNVD	id:	CNNVD-202106-632
db:	NVD	id:	CVE-2020-24513

LAST UPDATE DATE

2024-11-11T21:05:52.342000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-178399	date:	2022-04-22T00:00:00
db:	VULMON	id:	CVE-2020-24513	date:	2021-08-10T00:00:00
db:	CNNVD	id:	CNNVD-202106-632	date:	2022-04-24T00:00:00
db:	NVD	id:	CVE-2020-24513	date:	2022-04-22T16:20:19.347

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-178399	date:	2021-06-09T00:00:00
db:	VULMON	id:	CVE-2020-24513	date:	2021-06-09T00:00:00
db:	PACKETSTORM	id:	163031	date:	2021-06-09T13:26:32
db:	PACKETSTORM	id:	163032	date:	2021-06-09T13:26:50
db:	PACKETSTORM	id:	163036	date:	2021-06-09T13:28:02
db:	PACKETSTORM	id:	163037	date:	2021-06-09T13:28:17
db:	PACKETSTORM	id:	163042	date:	2021-06-09T13:40:32
db:	PACKETSTORM	id:	163044	date:	2021-06-09T13:40:48
db:	PACKETSTORM	id:	163047	date:	2021-06-09T13:42:12
db:	PACKETSTORM	id:	169079	date:	2021-06-28T19:12:00
db:	CNNVD	id:	CNNVD-202106-632	date:	2021-06-08T00:00:00
db:	NVD	id:	CVE-2020-24513	date:	2021-06-09T19:15:08.963