{
  "threat_severity" : "Important",
  "public_date" : "2021-06-08T17:00:00Z",
  "bugzilla" : {
    "description" : "hw: vt-d related privilege escalation",
    "id" : "1962650",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-459",
  "details" : [ "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.", "A flaw was found in Intel® VT-d products. During some types of context cache invalidation, entries in the context cache may not be properly invalidated, which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity, as well as to system availability." ],
  "acknowledgement" : "Red Hat would like to thank Intel for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2299",
    "cpe" : "cpe:/o:redhat:rhel_els:6",
    "package" : "microcode_ctl-2:1.17-33.33.el6_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2305",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "microcode_ctl-2:2.1-73.9.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2021-08-09T00:00:00Z",
    "advisory" : "RHSA-2021:3028",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "microcode_ctl-2:2.1-73.11.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2300",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.2",
    "package" : "microcode_ctl-2:2.1-12.37.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3323",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.2",
    "package" : "microcode_ctl-2:2.1-12.39.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2302",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.3",
    "package" : "microcode_ctl-2:2.1-16.40.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3322",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.3",
    "package" : "microcode_ctl-2:2.1-16.42.el7_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2301",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "microcode_ctl-2:2.1-22.39.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2021-08-24T00:00:00Z",
    "advisory" : "RHSA-2021:3255",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "microcode_ctl-2:2.1-22.41.el7_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2303",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "microcode_ctl-2:2.1-47.21.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3317",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.6",
    "package" : "microcode_ctl-2:2.1-47.23.el7_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2304",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "microcode_ctl-2:2.1-53.16.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2021-08-10T00:00:00Z",
    "advisory" : "RHSA-2021:3029",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "microcode_ctl-2:2.1-53.18.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2308",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "microcode_ctl-4:20210216-1.20210525.1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-08-09T00:00:00Z",
    "advisory" : "RHSA-2021:3027",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "microcode_ctl-4:20210216-1.20210608.1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2306",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "microcode_ctl-4:20190618-1.20210525.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support",
    "release_date" : "2021-08-17T00:00:00Z",
    "advisory" : "RHSA-2021:3176",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.1",
    "package" : "microcode_ctl-4:20190618-1.20210608.1.el8_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2021-06-09T00:00:00Z",
    "advisory" : "RHSA-2021:2307",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.2",
    "package" : "microcode_ctl-4:20191115-4.20210525.1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2021-08-31T00:00:00Z",
    "advisory" : "RHSA-2021:3364",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.2",
    "package" : "microcode_ctl-4:20191115-4.20210608.1.el8_2"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
    "release_date" : "2021-06-22T00:00:00Z",
    "advisory" : "RHSA-2021:2519",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor",
    "package" : "redhat-virtualization-host-0:4.3.16-20210615.0.el7_9"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2021-06-22T00:00:00Z",
    "advisory" : "RHSA-2021:2522",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "redhat-virtualization-host-0:4.4.6-20210615.0.el8_4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-24489\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-24489" ],
  "name" : "CVE-2020-24489",
  "csaw" : false
}