Analysis Summary

CVE-2024-32941 CVSS:7.9

Intel Memory Latency Checker (Intel MLC) is vulnerable to a denial of service, caused by a NULL pointer dereference.

CVE-2024-24582 CVSS:7.5

Intel Processors allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in XmlCli feature for UEFI firmware.

CVE-2024-37355 CVSS:8.8

Intel Graphics software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control.

CVE-2024-29214 CVSS:7.5

Intel Processors allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in UEFI firmware CseVariableStorageSmm.

CVE-2024-38310 CVSS:8.2

Intel Graphics software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control.

Impact

• Denial of Service
• Privilege Escalation

Indicators of Compromise

CVE

• CVE-2024-32941

• CVE-2024-24582

• CVE-2024-37355

• CVE-2024-29214

• CVE-2024-38310

Affected Vendors

Affected Products

• Intel Pentium Processor Silver Series
• Intel Celeron processor N series
• Intel Celeron Processor J Series
• Intel 13th Generation Intel Core Processor Family
• Intel 12th Generation Intel Core Processor Family
• Intel Intel Pentium Gold Processor Family
• Intel Intel Celeron Processor Family
• Intel Graphics software
• Intel MLC software v3.11b

Remediation

Refer to Intel Software Advisory for patch, upgrade, or suggested workaround information.

CVE-2024-32941

CVE-2024-24582

CVE-2024-37355

CVE-2024-29214

CVE-2024-38310