CVE-2023-45745: Input Validation

Q: What is the severity of CVE-2023-45745?

CVE-2023-45745 is classified as a vulnerability that may allow escalation of privileges by a privileged user.

Q: How do I fix CVE-2023-45745?

To fix CVE-2023-45745, upgrade the affected Intel microcode to the recommended version specific to your operating system.

Q: Which versions of Intel microcode are affected by CVE-2023-45745?

Versions of Intel microcode before 1.5.05.46.698 are affected by CVE-2023-45745.

Q: What type of systems are impacted by CVE-2023-45745?

CVE-2023-45745 impacts systems running specific versions of Intel microcode on Ubuntu and Debian distributions.

Q: Is local access required to exploit CVE-2023-45745?

Yes, local access is required to exploit CVE-2023-45745.

Published May 16, 2024

Updated

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected Software

9 affected componentsFixes available

ubuntu/intel-microcode<3.20240514.0ubuntu0.18.04.1+

3.20240514.0ubuntu0.18.04.1+

ubuntu/intel-microcode<3.20240514.0ubuntu0.20.04.1

3.20240514.0ubuntu0.20.04.1

ubuntu/intel-microcode<3.20240514.0ubuntu0.22.04.1

3.20240514.0ubuntu0.22.04.1

ubuntu/intel-microcode<3.20240514.0ubuntu0.23.10.1

3.20240514.0ubuntu0.23.10.1

ubuntu/intel-microcode<3.20240514.0ubuntu0.24.04.1

3.20240514.0ubuntu0.24.04.1

ubuntu/intel-microcode<3.20240514.0ubuntu0.16.04.1+

3.20240514.0ubuntu0.16.04.1+

debian/intel-microcode<=3.20231114.1~deb11u1, <=3.20231114.1~deb12u1

3.20240514.1~deb11u13.20240514.1~deb12u13.20240813.2

Intel TDX module<1.5.05.46.698

NetApp Hci Compute Node Bios

Event History

May 16, 2024

CVE Published

via Ubuntu·12:00 AM

CVE Published

via MITRE·08:47 PM

Data Sourced

via MITRE·08:47 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·09:15 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·09:15 PM

Affected Software

Jun 30, 2024

Data Sourced

via Launchpad·12:52 PM

Description

Parent advisories

This vulnerability appears in the following advisories.

USN-6797-1

Frequently Asked Questions

What is the severity of CVE-2023-45745?

CVE-2023-45745 is classified as a vulnerability that may allow escalation of privileges by a privileged user.

How do I fix CVE-2023-45745?

To fix CVE-2023-45745, upgrade the affected Intel microcode to the recommended version specific to your operating system.

Which versions of Intel microcode are affected by CVE-2023-45745?

Versions of Intel microcode before 1.5.05.46.698 are affected by CVE-2023-45745.

What type of systems are impacted by CVE-2023-45745?

CVE-2023-45745 impacts systems running specific versions of Intel microcode on Ubuntu and Debian distributions.

Is local access required to exploit CVE-2023-45745?

Yes, local access is required to exploit CVE-2023-45745.

CVE-2023-45745: Input Validation

Affected Software

Event History

Parent advisories

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2023-45745?

How do I fix CVE-2023-45745?

Which versions of Intel microcode are affected by CVE-2023-45745?

What type of systems are impacted by CVE-2023-45745?

Is local access required to exploit CVE-2023-45745?

Company

Resources

Contact