microcode_ctl vulnerabilities

Known vulnerabilities in the microcode_ctl package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H CVE-2024-23918	<2:2.1-47.amzn2.4.22
H Incorrect Default Permissions	<2:2.1-47.amzn2.4.22
H Improper Finite State Machines (FSMs) in Hardware Logic	<2:2.1-47.amzn2.4.22
H CVE-2024-24980	<2:2.1-47.amzn2.4.22
H Improper Finite State Machines (FSMs) in Hardware Logic	<2:2.1-47.amzn2.4.22
H Information Exposure	<2:2.1-47.amzn2.4.22
H CVE-2024-24853	<2:2.1-47.amzn2.4.22
H CVE-2024-22374	<2:2.1-47.amzn2.4.19
H CVE-2023-49141	<2:2.1-47.amzn2.4.19
M CVE-2024-22374	<2:2.1-47.amzn2.4.19
M Incorrect Default Permissions	<2:2.1-47.amzn2.0.15
H Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.11
M Non-Transparent Sharing of Microarchitectural Resources	<2:2.1-47.amzn2.4.17
M Protection Mechanism Failure	<2:2.1-47.amzn2.4.17
M Incorrect Default Permissions	<2:2.1-47.amzn2.0.13
H Sequence of Processor Instructions Leads to Unexpected Behavior	<2:2.1-47.amzn2.4.15
M Information Exposure	<2:2.1-47.amzn2.1.15
M Incorrect Calculation	<2:2.1-47.amzn2.0.15
M CVE-2022-21216	<2:2.1-47.amzn2.0.15
M CVE-2022-38090	<2:2.1-47.amzn2.0.15
M Information Exposure	<2:2.1-47.amzn2.0.13
M Incomplete Cleanup	<2:2.1-47.amzn2.0.12
M Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.12
H CVE-2021-0127	<2:2.1-47.amzn2.0.11
H CVE-2021-0146	<2:2.1-47.amzn2.0.11
M Improper Cross-boundary Removal of Sensitive Data	<2:2.1-47.amzn2.0.9
M Improper Resource Shutdown or Release	<2:2.1-47.amzn2.0.7
M Improper Resource Shutdown or Release	<2:2.1-47.amzn2.0.7
M Incomplete Cleanup	<2:2.1-47.amzn2.0.7
M CVE-2019-11135	<2:2.1-47.amzn2.0.4
M Improper Check for Unusual or Exceptional Conditions	<2:2.1-47.amzn2.0.4
H Sensitive Information Uncleared Before Release	<2:2.1-22.5.amzn2

Vulnerability

Vulnerable Version

CVE-2024-23918

<2:2.1-47.amzn2.4.22

Incorrect Default Permissions

<2:2.1-47.amzn2.4.22

Improper Finite State Machines (FSMs) in Hardware Logic

<2:2.1-47.amzn2.4.22

CVE-2024-24980

<2:2.1-47.amzn2.4.22

Improper Finite State Machines (FSMs) in Hardware Logic

<2:2.1-47.amzn2.4.22