2022年2月8日(米国時間)、Intelから複数のセキュリティアドバイザリが公開されました。影響を受ける製品やバージョンについての詳細は、Intelのアドバイザリを参照いただき、影響範囲の確認と対策をご検討ください。
INTEL-SA-00470:2021.2 IPU - Intel Chipset Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00470.html
Intel Server Platform Services (SPS)、 Intel Active Management Technology (AMT)、the Intel Power Management Controller (PMC)の一部のChipset Firmwareに権限昇格、サービス運用妨害(DoS)の脆弱性
INTEL-SA-00527:2021.2 IPU - BIOS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html
一部のIntel ProcessorのBIOS firmware に権限昇格、サービス運用妨害(DoS)、情報漏えいの脆弱性
INTEL-SA-00532:2021.2 IPU - Intel Processor Breakpoint Control Flow Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html
一部のIntel Processorにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00539:Intel PROSet/Wireless Wi-Fi, Intel AMT Wireless and Killer Wi-Fi Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
Intel PROSet/Wireless Wi-Fi、Intel Active Management Technology (Intel AMT) Wireless、 Killer Wi-Fiに権限昇格、サービス運用妨害(DoS)、情報漏えいの脆弱性
INTEL-SA-00561:2021.2 IPU - Intel Processor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00561.html
一部のIntel Processorに情報漏えいの脆弱性
INTEL-SA-00571:Intel 82599 Ethernet Series Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html
Intel 82599 Ethernet Series Controllersおよび関連アダプターにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00574:Intel GPA Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00574.html
Intel Graphics Performance Analyzers (GPA) に権限昇格の脆弱性
INTEL-SA-00575:Intel AMT Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00575.html
Intel Active Management Technology (AMT) SDK、Intel Setup and Configuration Software (SCS)、Intel Management Engine BIOS eXtensions (MEBx) に権限昇格の脆弱性
INTEL-SA-00581:Intel Wireless Bluetooth and Killer Bluetooth for Windows Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00581.html
Intel Wireless Bluetooth products、Killer Bluetooth productsにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00582:Intel PROSet/Wireless WiFi and Killer WiFi Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00582.html
一部のIntel PROSet/Wireless WiFi、Killer WiFi productsに権限昇格、サービス運用妨害(DoS)、情報漏えいの脆弱性
INTEL-SA-00588:Intel RealSense DCM Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00588.html
Intel RealSense Depth Camera Manager (DCM) softwareに情報漏えいの脆弱性
INTEL-SA-00589:2021.2 IPU - Intel Atom Processor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00589.html
一部のIntel Atom Processorsにサービス運用妨害(DoS)、情報漏えいの脆弱性
INTEL-SA-00591:Intel Kernelflinger Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00591.html
Kernelflinger open source project maintained by Intelに権限昇格の脆弱性
INTEL-SA-00594:Intel Advisor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00594.html
Intel Advisorに権限昇格の脆弱性
INTEL-SA-00599:Intel RXT for Chromebook Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00599.html
Intel RXT for Chromebook applicationに情報漏えいの脆弱性
INTEL-SA-00600:Intel IPP Cryptography Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00600.html
Intel Integrated Performance Primitives (IPP) Cryptography software libraryに情報漏えいの脆弱性
INTEL-SA-00604:Intel Wireless Bluetooth and Killer Bluetooth Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00604.html
一部のIntel Wireless Bluetooth、Killer Bluetooth productsにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00607:Intel Smart Campus Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00607.html
Intel Smart Campus Android applicationに情報漏えいの脆弱性
INTEL-SA-00608:Intel Capital Global Summit Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00608.html
Intel Capital Global Summit Android Appに情報漏えいの脆弱性
INTEL-SA-00622:Intel Advisor Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00622.html
Intel Advisor softwareに権限昇格の脆弱性
INTEL-SA-00632:Intel Quartus Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html
Intel Quartus Prime ProおよびStandard Editionsに権限昇格、サービス運用妨害(DoS)、情報漏えいの脆弱性
INTEL-SA-00639:Intel Trace Analyzer and Collector Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00639.html
Intel Trace AnalyzerおよびCollectorにサービス運用妨害(DoS)、情報漏えいの脆弱性
Intel Corporation
Intel Product Security Center Advisories
https://www.intel.com/content/www/us/en/security-center/default.html
CyberNewsFlashは、注意喚起とは異なり、発行時点では注意喚起の基準に満たない脆弱性の情報やセキュリティアップデート予告なども含まれます。今回の件を含め、提供いただける情報がありましたら、JPCERT/CCまでご連絡ください。
一般社団法人JPCERTコーディネーションセンター(JPCERT/CC)
早期警戒グループ
Email:ew-info@jpcert.or.jp