CVE-2024-36293
Public on 2025-02-12
Modified on 2025-03-13
Description
Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
Re-evaluating: marking it as not affected as requested by SIG owner
Reason: Affects Intel SGX which is disabled in AWS.
Re-evaluating: marking it as not affected as requested by SIG owner
Reason: Affects Intel SGX which is disabled in AWS.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| HAQM Linux 1 | microcode_ctl | No Fix Planned | ||
| HAQM Linux 2 - Core | microcode_ctl | Not Affected | ||
| HAQM Linux 2023 | microcode_ctl | Not Affected |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| HAQM Linux | CVSSv3 | 6.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
| NVD | CVSSv3 | 6.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |