CVE-2023-23583 — HIGH (8.8)

Vulnerability Description

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Core I3-10100Y Firmware	-
Intel	Core I3-10100Y	-
Intel	Core I3-10110U Firmware	-
Intel	Core I3-10110U	-
Intel	Core I3-10110Y Firmware	-
Intel	Core I3-10110Y	-
Intel	Core I3-1005G1 Firmware	-
Intel	Core I3-1005G1	-
Intel	Core I5-10500H Firmware	-
Intel	Core I5-10500H	-
Intel	Core I5-10200H Firmware	-
Intel	Core I5-10200H	-
Intel	Core I5-10310U Firmware	-
Intel	Core I5-10310U	-
Intel	Core I5-10300H Firmware	-
Intel	Core I5-10300H	-
Intel	Core I5-10400H Firmware	-
Intel	Core I5-10400H	-
Intel	Core I5-10210U Firmware	-
Intel	Core I5-10210U	-

Related Weaknesses (CWE)

CWE-1281 CWE-276

References

http://www.openwall.com/lists/oss-security/2023/11/14/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/5Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/6Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/7Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/8Mailing List
http://www.openwall.com/lists/oss-security/2023/11/14/9Mailing List
https://lists.debian.org/debian-lts-announce/2023/12/msg00012.html
https://security.netapp.com/advisory/ntap-20231116-0015/Third Party Advisory
https://www.debian.org/security/2023/dsa-5563Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.Vendor Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/5Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/6Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/7Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/14/8Mailing List

FAQ

What is CVE-2023-23583?

CVE-2023-23583 is a vulnerability with a CVSS score of 8.8 (HIGH). Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure...

How severe is CVE-2023-23583?

CVE-2023-23583 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-23583?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Core I3-10100Y Firmware, Intel Core I3-10100Y, Intel Core I3-10110U Firmware, Intel Core I3-10110U, Intel Core I3-10110Y Firmware.