SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   CPU (Generic) Vendors:   Intel
Intel SPI Flash Unsafe Opcodes Lets Local Users Cause Denial of Service Conditions
SecurityTracker Alert ID:  1040626
SecurityTracker URL:  http://securitytracker.com/id/1040626
CVE Reference:   CVE-2017-5703   (Links to External Site)
Date:  Apr 4 2018
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Intel SPI Flash. A local user can cause denial of service conditions on the target system.

A local user can access unsafe opcodes in SPI Flash to modify the behavior of the SPI Flash and cause denial of service conditions on the target system.

The following platforms are affected:

8th generation Intel Core Processors
7th generation Intel Core Processors
6th generation Intel Core Processors
5th generation Intel Core Processors
Intel Pentium and Celeron Processor N3520, N2920, and N28XX
Intel Atom Processor x7-Z8XXX, x5-8XXX Processor Family
Intel Pentium Processor J3710 and N37XX
Intel Celeron Processor J3XXX
Intel Atom x5-E8000 Processor
Intel Pentium Processor J4205 and N4200
Intel Celeron Processor J3455, J3355, N3350, and N3450
Intel Atom Processor x7-E39XX Processor
Intel Xeon Scalable Processors
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E7 v4 Family
Intel Xeon Processor E7 v3 Family
Intel Xeon Processor E7 v2 Family
Intel Xeon Phi Processor x200
Intel Xeon Processor D Family
Intel Atom Processor C Series

Impact:   A local user can cause denial of service conditions on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00087&languageid=en-fr

Vendor URL:  security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00087&languageid=en-fr (Links to External Site)
Cause:   Access control error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 27 2018 (HPE Issues Fix for HPE ProLiant) Intel SPI Flash Unsafe Opcodes Lets Local Users Cause Denial of Service Conditions
HPE has issued a fix for HPE ProLiant.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC