microcode_ctl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the microcode_ctl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Insufficient Resource Pool	*
M Uncaught Exception	*
M Hardware Features Enable Physical Attacks from Software	*
M Improper Access Control	*
M Improper Finite State Machines (FSMs) in Hardware Logic	*
M Improper Finite State Machines (FSMs) in Hardware Logic	*
M Insufficient Granularity of Access Control	*
M Improper Input Validation	*
M Improper Initialization	*
M Improper Finite State Machines (FSMs) in Hardware Logic	*
M Resource Exhaustion	*
L Information Exposure	*
M Improper Input Validation	*
M Protection Mechanism Failure	*
M Incorrect Calculation	*
M Protection Mechanism Failure	*
M CVE-2023-28746	*
M Non-Transparent Sharing of Microarchitectural Resources	*
H Unauthorized Error Injection Can Degrade Hardware Redundancy	<2:2.1-73.19.el7_9
M CVE-2022-38090	*
M Incorrect Calculation	*
H Incorrect Default Permissions	<2:2.1-73.16.el7_9
H CVE-2022-21216	<2:2.1-73.16.el7_9
M Out-of-bounds Read	*
M CVE-2021-0127	*
M Improper Initialization	*
H Information Exposure	<2:2.1-73.9.el7_9
H Information Exposure	<2:2.1-73.9.el7_9
H Information Exposure	<2:2.1-73.9.el7_9
H Incomplete Cleanup	<2:2.1-73.9.el7_9
H Improper Cross-boundary Removal of Sensitive Data	<2:2.1-73.11.el7_9
H Information Exposure	<2:2.1-73.11.el7_9
H Information Exposure	<2:2.1-73.11.el7_9
H Information Exposure	<2:2.1-73.11.el7_9
H Information Exposure	<2:2.1-73.11.el7_9
H Sensitive Information Uncleared Before Release	<2:2.1-29.el7
H Insufficient Granularity of Access Control	<2:2.1-53.3.el7_7
H Improper Cross-boundary Removal of Sensitive Data	<2:2.1-73.11.el7_9

Vulnerability

Vulnerable Version

Insufficient Resource Pool