Security Alert (A23-11-15): Vulnerability in Intel Products
16 November 2023
Intel has issued a security advisory (INTEL-SA-00950) to address a vulnerability in some Intel processors. A local unauthenticated attacker could execute specially crafted code to exploit the vulnerability.
10th, 11th, 12th, 13th Generation Intel Core Processor Family
3rd, 4th Generation Intel Xeon Scalable Processor Family
Successful exploitation of the vulnerability could lead to denial of service, information disclosure or privilege escalation on an affected system.
Intel has provided microcode updates for all affected processors. Microcode updates are typically included with updates from the original equipment manufacturers (OEM), operating system vendors (OSV) and hypervisor vendors. Some product vendors such as Dell and Citrix have provided patches and relevant advice regarding the vulnerability. The following is only a sample list of advice provided by the product vendors. The list is not exhaustive and it is strongly recommended to consult the product vendors if the products in use are affected and the availability of patches, and if so, apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.