CVE-2020-24513: Infoleak
First published: Thu May 20 2021(Updated: )
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/intel-microcode | 3.20220510.1~deb10u1 3.20230808.1~deb10u1 3.20230808.1~deb11u1 3.20230808.1~deb12u1 3.20230808.1 | |
| Intel Atom c3308 | ||
| Intel Atom c3336 | ||
| Intel Atom c3338 | ||
| Intel Atom c3338r | ||
| Intel Atom c3436l | ||
| Intel Atom c3508 | ||
| Intel Atom c3538 | ||
| Intel Atom c3558 | ||
| Intel Atom c3558r | ||
| Intel Atom c3558rc | ||
| Intel Atom c3708 | ||
| Intel Atom c3750 | ||
| Intel Atom c3758 | ||
| Intel Atom c3758r | ||
| Intel Atom c3808 | ||
| Intel Atom c3830 | ||
| Intel Atom c3850 | ||
| Intel Atom c3858 | ||
| Intel Atom c3950 | ||
| Intel Atom c3955 | ||
| Intel Atom c3958 | ||
| Intel Atom p5942b | ||
| Intel Atom x5-a3930 | ||
| Intel Atom x5-a3940 | ||
| Intel Atom x5-a3950 | ||
| Intel Atom x5-a3960 | ||
| Intel atom x6200fe | ||
| Intel atom x6211e | ||
| Intel atom x6212re | ||
| Intel atom x6413e | ||
| Intel atom x6425e | ||
| Intel atom x6425re | ||
| Intel atom x6427fe | ||
| Intel Celeron j3355 | ||
| Intel Celeron j3355e | ||
| Intel Celeron j3455 | ||
| Intel celeron j3455e | ||
| Intel Celeron j4005 | ||
| Intel Celeron j4025 | ||
| Intel Celeron j4105 | ||
| Intel Celeron j4125 | ||
| Intel celeron j6413 | ||
| Intel Celeron n3350 | ||
| Intel Celeron n3350e | ||
| Intel Celeron n3450 | ||
| Intel Celeron n4000 | ||
| Intel Celeron n4020 | ||
| Intel Celeron n4100 | ||
| Intel Celeron n4120 | ||
| Intel celeron n6211 | ||
| Intel core i3-l13g4 | ||
| Intel core i5-l16g7 | ||
| Intel p5921b | ||
| Intel p5931b | ||
| Intel p5962b | ||
| Intel pentium j4205 | ||
| Intel pentium j6425 | ||
| Intel pentium n4200 | ||
| Intel pentium n4200e | ||
| Intel pentium n6415 | ||
| Intel pentium silver j5005 | ||
| Intel pentium silver j5040 | ||
| Intel pentium silver n5000 | ||
| Intel pentium silver n5030 | ||
| Debian GNU/Linux | =9.0 | |
| Debian GNU/Linux | =10.0 | |
| siemens simatic drive controller firmware | ||
| siemens simatic drive controller | ||
| Siemens SIMATIC ET 200SP Open Controller firmware | <0209_0105 | |
| siemens simatic et 200sp open controller | ||
| siemens simatic ipc127e firmware | <21.01.07 | |
| siemens simatic ipc127e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf
- https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html
- https://www.debian.org/security/2021/dsa-4934
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- https://access.redhat.com/errata/RHSA-2021:2299
- https://access.redhat.com/errata/RHSA-2021:2302
- https://access.redhat.com/errata/RHSA-2021:2300
- https://access.redhat.com/errata/RHSA-2021:2306
- https://access.redhat.com/errata/RHSA-2021:2307
- https://access.redhat.com/errata/RHSA-2021:2308
- https://access.redhat.com/errata/RHSA-2021:2301
- https://access.redhat.com/errata/RHSA-2021:2303
- https://access.redhat.com/errata/RHSA-2021:2304
- https://access.redhat.com/errata/RHSA-2021:2305
- https://access.redhat.com/security/cve/cve-2020-24513
- https://bugzilla.redhat.com/show_bug.cgi?id=1962666
- https://www.cve.org/CVERecord?id=CVE-2020-24513 https://nvd.nist.gov/vuln/detail/CVE-2020-24513
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
- https://security-tracker.debian.org/tracker/CVE-2020-24513
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the vulnerability ID for this Intel Atom processor vulnerability?
The vulnerability ID for this Intel Atom processor vulnerability is CVE-2020-24513.
What is the severity level of CVE-2020-24513?
CVE-2020-24513 has a severity level of medium.
How does CVE-2020-24513 affect Intel Atom processors?
CVE-2020-24513 can reveal supervisor data in the L1 cache and the contents of recent stores on some Intel Atom processors.
Which software versions are affected by CVE-2020-24513?
The affected software versions include debian/intel-microcode:3.20220510.1~deb10u1, debian/intel-microcode:3.20230808.1~deb10u1, debian/intel-microcode:3.20230808.1~deb11u1, debian/intel-microcode:3.20230808.1~deb12u1, and debian/intel-microcode:3.20230808.1.
How can I fix CVE-2020-24513?
To fix CVE-2020-24513, update the intel-microcode package to the recommended versions provided by the vendor.
- collector/redhat-cve
- collector/security-tracker-debian
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-24513
- agent/first-publish-date
- agent/type
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/intel
- canonical/intel atom c3308
- canonical/intel atom c3336
- canonical/intel atom c3338
- canonical/intel atom c3338r
- canonical/intel atom c3436l
- canonical/intel atom c3508
- canonical/intel atom c3538
- canonical/intel atom c3558
- canonical/intel atom c3558r
- canonical/intel atom c3558rc
- canonical/intel atom c3708
- canonical/intel atom c3750
- canonical/intel atom c3758
- canonical/intel atom c3758r
- canonical/intel atom c3808
- canonical/intel atom c3830
- canonical/intel atom c3850
- canonical/intel atom c3858
- canonical/intel atom c3950
- canonical/intel atom c3955
- canonical/intel atom c3958
- canonical/intel atom p5942b
- canonical/intel atom x5-a3930
- canonical/intel atom x5-a3940
- canonical/intel atom x5-a3950
- canonical/intel atom x5-a3960
- canonical/intel atom x6200fe
- canonical/intel atom x6211e
- canonical/intel atom x6212re
- canonical/intel atom x6413e
- canonical/intel atom x6425e
- canonical/intel atom x6425re
- canonical/intel atom x6427fe
- canonical/intel celeron j3355
- canonical/intel celeron j3355e
- canonical/intel celeron j3455
- canonical/intel celeron j3455e
- canonical/intel celeron j4005
- canonical/intel celeron j4025
- canonical/intel celeron j4105
- canonical/intel celeron j4125
- canonical/intel celeron j6413
- canonical/intel celeron n3350
- canonical/intel celeron n3350e
- canonical/intel celeron n3450
- canonical/intel celeron n4000
- canonical/intel celeron n4020
- canonical/intel celeron n4100
- canonical/intel celeron n4120
- canonical/intel celeron n6211
- canonical/intel core i3-l13g4
- canonical/intel core i5-l16g7
- canonical/intel p5921b
- canonical/intel p5931b
- canonical/intel p5962b
- canonical/intel pentium j4205
- canonical/intel pentium j6425
- canonical/intel pentium n4200
- canonical/intel pentium n4200e
- canonical/intel pentium n6415
- canonical/intel pentium silver j5005
- canonical/intel pentium silver j5040
- canonical/intel pentium silver n5000
- canonical/intel pentium silver n5030
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/9.0
- version/debian gnu/linux/10.0
- vendor/siemens
- canonical/siemens simatic drive controller firmware
- canonical/siemens simatic drive controller
- canonical/siemens simatic et 200sp open controller firmware
- canonical/siemens simatic et 200sp open controller
- canonical/siemens simatic ipc127e firmware
- canonical/siemens simatic ipc127e