CVE-2024-39355
Publication date 12 February 2025
Last updated 30 May 2025
Ubuntu priority
Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| intel-microcode | 24.10 oracular | Ignored not fixable by OS microcode |
| 24.04 LTS noble | Ignored not fixable by OS microcode | |
| 22.04 LTS jammy | Ignored not fixable by OS microcode | |
| 20.04 LTS focal | Ignored not fixable by OS microcode | |
| 18.04 LTS bionic | Ignored not fixable by OS microcode | |
| 16.04 LTS xenial | Ignored not fixable by OS microcode | |
| 14.04 LTS trusty | Ignored not fixable by OS microcode |
Notes
alexmurray
There is no evidence that this CVE can be addressed by a microcode update from the OS itself, only from the BIOS
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
6.5 · Medium
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Changed |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2024-39355
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211
- https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html