2023年2月14日(現地時間)、Intelから複数のセキュリティアドバイザリが公開されました。影響を受ける製品やバージョンについての詳細は、Intelのアドバイザリを参照いただき、影響範囲の確認と対策をご検討ください。
INTEL-SA-00674: Intel oneAPI Toolkits Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html
Intel oneAPI Toolkitに権限昇格の脆弱性
INTEL-SA-00677: Intel SGX SDK Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00677.html
Intel SGX SDKに情報漏えいの脆弱性
INTEL-SA-00700: 2023.1 IPU - Intel Atom and Intel Xeon Scalable Processors
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html
Intel Atom and Intel Xeon Scalable Processorsに権限昇格の脆弱性
INTEL-SA-00714: Intel Quartus Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html
Intel Quartusに権限昇格および情報漏えいの脆弱性
INTEL-SA-00717: 2023.1 IPU - BIOS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
BIOSに権限昇格の脆弱性
INTEL-SA-00718: 2023.1 IPU - Intel Chipset Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00718.html
Intel Chipset Firmwareに権限昇格およびサービス運用妨害(DoS)の脆弱性
INTEL-SA-00721: Intel Integrated Sensor Solution Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00721.html
Intel Integrated Sensor Solutionにサービス運用妨害(DoS)攻撃の脆弱性
INTEL-SA-00725: Intel DSA Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html
Intel DSAに権限昇格の脆弱性
INTEL-SA-00726: Intel Battery Life Diagnostic Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html
Intel Battery Life Diagnosticに権限昇格の脆弱性
INTEL-SA-00727: Intel Iris Xe MAX Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00727.html
Intel Iris Xe MAXに情報漏えいおよびサービス運用妨害(DoS)攻撃の脆弱性
INTEL-SA-00728: Intel FPGA SDK for OpenCL Intel Quartus Prime Pro Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00728.html
Intel FPGA SDK for OpenCL Intel Quartus Prime Pro Softwareに権限昇格の脆弱性
INTEL-SA-00729: Intel SUR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Intel SURに権限昇格およびサービス運用妨害(DoS)の脆弱性
INTEL-SA-00730: 3rd Generation Intel Xeon Scalable Processors Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html
3rd Generation Intel Xeon Scalable Processorsに情報漏えいの脆弱性
INTEL-SA-00731: Intel Media SDK Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00731.html
Intel Media SDKに権限昇格およびサービス運用妨害(DoS)攻撃の脆弱性
INTEL-SA-00733: Intel Trace Analyzer and Collector Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00733.html
Intel Trace Analyzer and Collectorに権限昇格の脆弱性
INTEL-SA-00736: Open CAS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00736.html
Open CASにサービス運用妨害(DoS)攻撃の脆弱性
INTEL-SA-00737: Integrated BMC and OpenBMC Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html
Integrated BMC and OpenBMC Firmwareに権限昇格およびサービス運用妨害(DoS)攻撃の脆弱性
INTEL-SA-00738: 2023.1 IPU - Intel Xeon Processor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html
Intel Xeon Processorに権限昇格の脆弱性
INTEL-SA-00739: FCS Server Advisor
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00739.html
Field Programmable Gate Array Crypto Service(FCS)にサービス運用妨害(DoS)の脆弱性
INTEL-SA-00746: Crypto API Toolkit for Intel SGX Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00746.html
Crypto API Toolkit for Intel SGXに権限昇格の脆弱性
INTEL-SA-00750: Intel Ethernet VMware Drivers Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00750.html
Intel Ethernet VMware Driversに権限昇格およびサービス運用妨害(DoS)の脆弱性
INTEL-SA-00751: Intel QAT Drivers Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00751.html
Intel QuickAssist Technology(QAT) driversに権限昇格の脆弱性
INTEL-SA-00754: Intel Ethernet Controllers and Adapters Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00754.html
Intel Ethernet Controllers and Adaptersにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00761: Intel Ethernet Controller Administrative Tools Drivers Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00761.html
Intel Ethernet Controller Administrative Tools Driversに権限昇格の脆弱性
INTEL-SA-00762: Computer Vision Annotation Tool Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00762.html
Computer Vision Annotation Tool(CVAT)に情報漏えいの脆弱性
INTEL-SA-00764: Intel EMA Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00764.html
Intel Endpoint Management Assistant(EMA)に権限昇格の脆弱性
INTEL-SA-00765: QATzip for Intel QAT Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00765.html
QATzipに権限昇格の脆弱性
INTEL-SA-00767: 2023.1 IPU - Intel Processor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html
Intel Software Guard Extensions(SGX)を搭載した一部のProcessorに情報漏えいの脆弱性
INTEL-SA-00769: Intel OFU Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00769.html
Intel OFU Softwareにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00770: Intel Network Adapter Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00770.html
Intel Network Adapter Softwareに権限昇格の脆弱性
INTEL-SA-00776: Intel ON Event Series Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00776.html
Intel ON Event Series Androidアプリケーションに情報漏えいの脆弱性
Intel Corporation
Intel Product Security Center Advisories
https://www.intel.com/content/www/us/en/security-center/default.html
CyberNewsFlashは、注意喚起とは異なり、発行時点では注意喚起の基準に満たない脆弱性の情報やセキュリティアップデート予告なども含まれます。今回の件を含め、提供いただける情報がありましたら、JPCERT/CCまでご連絡ください。
一般社団法人JPCERTコーディネーションセンター(JPCERT/CC)
早期警戒グループ
Email:ew-info@jpcert.or.jp