microcode_ctl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the microcode_ctl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Improper Handling of Overlap Between Protected Memory Ranges	<2:2.1-47.amzn2.4.26
H Improperly Implemented Security Check for Standard	<2:2.1-47.amzn2.4.26
H Insufficient Granularity of Access Control	<2:2.1-47.amzn2.4.26
H Out-of-bounds Write	<2:2.1-47.amzn2.4.26
H Sequence of Processor Instructions Leads to Unexpected Behavior	<2:2.1-47.amzn2.4.26
H Uncaught Exception	<2:2.1-47.amzn2.4.24
H Insufficient Resource Pool	<2:2.1-47.amzn2.4.24
H CVE-2024-45332	<2:2.1-47.amzn2.4.24
H Missing Reference to Active Allocated Resource	<2:2.1-47.amzn2.4.25
H CVE-2024-28956	<2:2.1-47.amzn2.4.24
H Out-of-Bounds	<2:2.1-47.amzn2.4.25
H Insufficient Compartmentalization	<2:2.1-47.amzn2.4.24
H Insufficient Control Flow Management	<2:2.1-47.amzn2.4.25
M CVE-2024-45332	<2:2.1-47.amzn2.4.24
M Uncaught Exception	<2:2.1-47.amzn2.4.24
M Insufficient Resource Pool	<2:2.1-47.amzn2.4.24
M CVE-2024-28956	<2:2.1-47.amzn2.4.24
M Information Exposure	<2:2.1-47.amzn2.1.15
M Sequence of Processor Instructions Leads to Unexpected Behavior	<2:2.1-47.amzn2.4.23
M Insufficient Granularity of Access Control	<2:2.1-47.amzn2.4.23
M Improper Finite State Machines (FSMs) in Hardware Logic	<2:2.1-47.amzn2.4.23
H CVE-2024-23918	<2:2.1-47.amzn2.4.22
H Incorrect Default Permissions	<2:2.1-47.amzn2.4.22
H Improper Finite State Machines (FSMs) in Hardware Logic	<2:2.1-47.amzn2.4.22
H CVE-2024-24980	<2:2.1-47.amzn2.4.22
H Improper Finite State Machines (FSMs) in Hardware Logic	<2:2.1-47.amzn2.4.22
H Information Exposure	<2:2.1-47.amzn2.4.22
H CVE-2024-24853	<2:2.1-47.amzn2.4.22
H CVE-2024-22374	<2:2.1-47.amzn2.4.19
H CVE-2023-49141	<2:2.1-47.amzn2.4.19
M CVE-2024-22374	<2:2.1-47.amzn2.4.19
M Incorrect Default Permissions	<2:2.1-47.amzn2.0.15
H Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.11
M Non-Transparent Sharing of Microarchitectural Resources	<2:2.1-47.amzn2.4.17
M Protection Mechanism Failure	<2:2.1-47.amzn2.4.17
M Incorrect Default Permissions	<2:2.1-47.amzn2.0.13
H Sequence of Processor Instructions Leads to Unexpected Behavior	<2:2.1-47.amzn2.4.15
M Information Exposure	<2:2.1-47.amzn2.1.15
M Incorrect Calculation	<2:2.1-47.amzn2.0.15
M CVE-2022-21216	<2:2.1-47.amzn2.0.15
M CVE-2022-38090	<2:2.1-47.amzn2.0.15
M Information Exposure	<2:2.1-47.amzn2.0.13
M Incomplete Cleanup	<2:2.1-47.amzn2.0.12
M Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.12
H CVE-2021-0127	<2:2.1-47.amzn2.0.11
H CVE-2021-0146	<2:2.1-47.amzn2.0.11
M Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.9
M Improper Resource Shutdown or Release	<2:2.1-47.amzn2.0.7
M Improper Resource Shutdown or Release	<2:2.1-47.amzn2.0.7
M Incomplete Cleanup	<2:2.1-47.amzn2.0.7
M CVE-2019-11135	<2:2.1-47.amzn2.0.4
M Improper Check for Unusual or Exceptional Conditions	<2:2.1-47.amzn2.0.4
H Information Exposure	<2:2.1-22.5.amzn2

Vulnerability

Vulnerable Version

Improper Handling of Overlap Between Protected Memory Ranges

<2:2.1-47.amzn2.4.26