intel-microcode vulnerabilities

Known vulnerabilities in the intel-microcode package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Improperly Implemented Security Check for Standard	*
L Insufficient Granularity of Access Control	*
L Out-of-bounds Write	*
L Missing Reference to Active Allocated Resource	*
L Improper Handling of Overlap Between Protected Memory Ranges	*
L Sequence of Processor Instructions Leads to Unexpected Behavior	*
L Insufficient Control Flow Management	*
L Insufficient Compartmentalization	*
L Out-of-Bounds	*
L Insufficient Resource Pool	<3.20250512.1
L Improper Finite State Machines (FSMs) in Hardware Logic	<3.20250211.1
L Improper Input Validation	<3.20250211.1
L Improper Finite State Machines (FSMs) in Hardware Logic	<3.20241112.1
L CVE-2023-43490	<3.20240312.1
L CVE-2023-45745	<3.20240514.1
L CVE-2023-22655	<3.20240312.1
L Improper Input Validation	<3.20250211.1
L Information Exposure	<3.20240910.1
M Exposure of Resource to Wrong Sphere	<3.20210608.1
M Incomplete Cleanup	<3.20220510.1
M Improper Cross-boundary Removal of Sensitive Data	<3.20201110.1
M Incomplete Cleanup	<3.20220510.1
M Information Exposure	<3.20180703.1
M Information Exposure	<3.20200609.1
L CVE-2024-39355	<3.20250211.1
L CVE-2024-45332	<3.20250512.1
L Improper Finite State Machines (FSMs) in Hardware Logic	<3.20240910.1
L Incorrect Behavior Order	<3.20250512.1
L CVE-2023-46103	<3.20240514.1
M CVE-2022-21233	<3.20220809.1
M Incomplete Cleanup	<3.20220510.1
M CVE-2020-8698	<3.20201110.1
M CVE-2022-21216	<3.20230214.1
M Information Exposure	<3.20190514.1
L Improper Input Validation	<3.20250211.1
L CVE-2025-20623	<3.20250512.1
M CVE-2019-11091	<3.20190514.1
L CVE-2024-23918	<3.20241112.1
L CVE-2024-43420	<3.20250512.1
L CVE-2023-45733	<3.20240514.1
M Information Exposure	<3.20180703.1
L CVE-2023-38575	<3.20240312.1
L CVE-2024-24853	<3.20240813.1
M CVE-2023-23908	<3.20230808.1
M CVE-2022-41804	<3.20230808.1
L CVE-2023-39368	<3.20240312.1
M CVE-2022-38090	<3.20230214.1
L Insufficient Granularity of Access Control	<3.20250211.1
M Incorrect Default Permissions	<3.20230214.1
M Incomplete Cleanup	<3.20220510.1
M CVE-2021-33117	<3.20220207.1
L CVE-2024-24980	<3.20240813.1
M CVE-2020-24513	<3.20210608.1
M Information Exposure	<3.20180425.1
M Improper Check for Unusual or Exceptional Conditions	<3.20191112.1
M Information Exposure	<3.20200609.1
M Information Exposure	<3.20190514.1
L CVE-2023-49141	<3.20240514.1
M Improper Check for Unusual or Exceptional Conditions	<3.20191115.1
L Uncaught Exception	<3.20250512.1
L Improper Access Control	<3.20250211.1
L CVE-2023-47855	<3.20240514.1
L CVE-2023-28746	<3.20240312.1
L CVE-2024-25939	<3.20240813.1
M CVE-2021-0127	<3.20220207.1
L CVE-2023-42667	<3.20240813.1
M CVE-2018-3646	<3.20180703.1
M CVE-2022-21151	<3.20220510.1
M Information Exposure	<3.20180703.1
M Information Exposure	<3.20200609.1
H Incomplete Cleanup	<3.20210608.1
M CVE-2019-11135	<3.20191112.1
L Sequence of Processor Instructions Leads to Unexpected Behavior	<3.20250211.1
L CVE-2025-24495	<3.20250512.1
L Improper Input Validation	<3.20250211.1
L Improper Initialization	<3.20250211.1
L CVE-2024-28956	<3.20250512.1
L Incorrect Default Permissions	<3.20241112.1
L Improper Input Validation	<3.20250211.1
L Improper Input Validation	<3.20250211.1
H Sequence of Processor Instructions Leads to Unexpected Behavior	<3.20231114.1
M Information Exposure	<3.20230808.1
L Information Exposure	<3.20210608.1
M CVE-2020-8695	<3.20201110.1
M Out-of-bounds Read	<3.20220207.1
M Improper Initialization	<3.20220207.1
M Information Exposure	<3.20190514.1
M Incorrect Calculation	<3.20230214.1
M Information Exposure	<3.20180703.1

Vulnerability

Vulnerable Version

Improperly Implemented Security Check for Standard