intel-ucode vulnerabilities

Known vulnerabilities in the intel-ucode package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Insufficient Compartmentalization	<20250812-r0
L Missing Reference to Active Allocated Resource	<20250812-r0
L Improper Handling of Overlap Between Protected Memory Ranges	<20250812-r0
L Out-of-Bounds	<20250812-r0
L Insufficient Control Flow Management	<20250812-r0
L Insufficient Granularity of Access Control	<20250812-r0
L Out-of-bounds Write	<20250812-r0
L Improperly Implemented Security Check for Standard	<20250812-r0
L Sequence of Processor Instructions Leads to Unexpected Behavior	<20250812-r0
L CVE-2024-28956	<20250512-r0
L Uncaught Exception	<20250512-r0
L CVE-2025-24495	<20250512-r0
L Incorrect Behavior Order	<20250512-r0
L Insufficient Resource Pool	<20250512-r0
L CVE-2025-20623	<20250512-r0
L CVE-2024-45332	<20250512-r0
L CVE-2024-43420	<20250512-r0
L Sequence of Processor Instructions Leads to Unexpected Behavior	<20250211-r0
L CVE-2024-39355	<20250211-r0
L Improper Finite State Machines (FSMs) in Hardware Logic	<20250211-r0
L Improper Input Validation	<20250211-r0
L Improper Access Control	<20250211-r0
L CVE-2023-42667	<20240813-r0
L Information Exposure	<20240910-r0
L CVE-2023-49141	<20240813-r0
L Improper Finite State Machines (FSMs) in Hardware Logic	<20240910-r0
L CVE-2024-23918	<20241112-r0
H CVE-2023-45745	<20240514-r0
L CVE-2023-46103	<20240514-r0
M CVE-2022-41804	<20230808-r0
L CVE-2023-45733	<20240514-r0
L CVE-2023-39368	<20240312-r0
L CVE-2023-43490	<20240312-r0
L CVE-2023-28746	<20240312-r0
L CVE-2023-22655	<20240312-r0
M Information Exposure	<20230808-r0
H Sequence of Processor Instructions Leads to Unexpected Behavior	<20231114-r0
M CVE-2023-23908	<20230808-r0
L CVE-2023-38575	<20240312-r0
M Incorrect Default Permissions	<20230214-r0
M CVE-2022-38090	<20230214-r0
M CVE-2022-21216	<20230214-r0
M CVE-2022-21233	<20220809-r0
M CVE-2022-21151	<20220510-r0
M CVE-2021-0146	<20220207-r0
M Exposure of Resource to Wrong Sphere	<20210608-r0
M CVE-2021-0127	<20220207-r0
M CVE-2020-24513	<20210608-r0
H Incomplete Cleanup	<20210608-r0
M Information Exposure	<20190514a-r0
M CVE-2020-8694	<20201112-r0
M Improper Resource Shutdown or Release	<20200609-r0
M Information Exposure	<20190514a-r0
L Improper Finite State Machines (FSMs) in Hardware Logic	<20241112-r0
M CVE-2019-11135	<20191113-r0
M Information Exposure	<20190618-r0
L CVE-2024-25939	<20240813-r0
L CVE-2024-24980	<20240813-r0
L CVE-2024-24853	<20240813-r0
M Exposure of Resource to Wrong Sphere	<20201112-r0

Vulnerability

Vulnerable Version

Insufficient Compartmentalization

<20250812-r0

Missing Reference to Active Allocated Resource

<20250812-r0

Improper Handling of Overlap Between Protected Memory Ranges

<20250812-r0

Out-of-Bounds

<20250812-r0

Insufficient Control Flow Management

<20250812-r0