CVE-2023-46103

NameCVE-2023-46103
DescriptionSequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesELA-1169-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
intel-microcode (PTS)jessie/non-free3.20240910.1~deb8u1fixed
jessie/non-free (lts)3.20230214.1~deb8u1vulnerable
stretch/non-free3.20240910.1~deb9u1fixed
stretch/non-free (security)3.20210608.2~deb9u2vulnerable
stretch/non-free (lts)3.20230214.1~deb9u1vulnerable
buster/non-free3.20240910.1~deb10u1fixed
buster/non-free (security)3.20240312.1~deb10u1vulnerable
bullseye/non-free3.20240813.1~deb11u1fixed
bullseye/non-free (security)3.20240910.1~deb11u1fixed
bookworm/non-free-firmware3.20240910.1~deb12u1fixed
bookworm/non-free-firmware (security)3.20231114.1~deb12u1vulnerable
sid/non-free-firmware, trixie/non-free-firmware3.20241112.1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
intel-microcodesourcejessie3.20240813.1~deb8u1ELA-1169-1
intel-microcodesourcestretch3.20240813.1~deb9u1ELA-1169-1
intel-microcodesourcebuster3.20240813.1~deb10u1ELA-1169-1
intel-microcodesourcebullseye3.20240514.1~deb11u1
intel-microcodesourcebookworm3.20240514.1~deb12u1
intel-microcodesource(unstable)3.20240514.1

Notes

[buster] - intel-microcode <postponed> (Minor issue; can be fixed in next update)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514

Search for package or bug name: Reporting problems