2023年5月9日(現地時間)、Intelから38件のセキュリティアドバイザリが公開されました。複数の製品で権限昇格、サービス運用妨害(DoS)、情報漏えいなどの脆弱性が修正されています。影響を受ける製品やバージョンについての詳細は、Intelのアドバイザリを参照いただき、影響範囲の確認と対策をご検討ください。
INTEL-SA-00692: Intel VROC Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html
Intel Virtual RAID on CPUに権限昇格およびサービス運用妨害(DoS)の脆弱性
INTEL-SA-00723: Intel Unite Plugin SDK Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00723.html
Intel Unite Plugin SDKに権限昇格の脆弱性
INTEL-SA-00771: Intel VTune Profiler Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00771.html
Intel VTune Profilerに権限昇格の脆弱性
INTEL-SA-00772: Intel DCM Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00772.html
Intel DCMに権限昇格および情報漏えいの脆弱性
INTEL-SA-00777: Intel NUC BIOS Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html
Intel NUC BIOS Firmwareに権限昇格、サービス運用妨害(DoS)および情報漏えいの脆弱性
INTEL-SA-00778: Intel QAT Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00778.html
Intel QATに権限昇格および情報漏えいの脆弱性
INTEL-SA-00779: Intel Connect M Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00779.html
Intel Connect M Android Appに権限昇格および情報漏えいサービス運用妨害(DoS)の脆弱性
INTEL-SA-00780: Intel NUC BIOS Update Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00780.html
Intel NUC Chaco Canyon BIOS update softwareに権限昇格の脆弱性
INTEL-SA-00782: Intel Unite Client Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00782.html
Intel Unite Client softwareに権限昇格の脆弱性
INTEL-SA-00784: Intel MacCPUID Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00784.html
Intel MacCPUID softwareに権限昇格の脆弱性
INTEL-SA-00785: Intel SUR Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00785.html
Intel System Usage Report Softwareに権限昇格の脆弱性
INTEL-SA-00788: Intel IPP Cryptography Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00788.html
Intel Integrated Performance Primitives Cryptography softwareに情報漏えいの脆弱性
INTEL-SA-00792: Intel OFU Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00792.html
Intel One Boot Flash Update softwareに権限昇格の脆弱性
INTEL-SA-00796: Intel SCS Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00796.html
Intel Setup and Configuration Softwareにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00797: Intel EMA Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00797.html
Intel Endpoint Management Assistant Softwareにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00798: Intel QAT Engine for OpenSSL Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00798.html
Intel QuickAssist Technology Engine for OpenSSLに権限昇格の脆弱性
INTEL-SA-00799: Intel Quartus Prime Pro Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00799.html
Intel Quartus Prime Pro edition softwareに権限昇格の脆弱性
INTEL-SA-00802: Intel NUC Laptop Element Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html
Intel NUC Laptop Element softwareに権限昇格の脆弱性
INTEL-SA-00805: Intel Trace Analyzer and Collector Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html
Intel Trace Analyzer and Collector Softwareに権限昇格および情報漏えいの脆弱性
INTEL-SA-00806: Intel DCM Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00806.html
Intel Data Center Manager softwareに権限昇格の脆弱性
INTEL-SA-00807: 2023.2 IPU – BIOS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00807.html
BIOS firmware for some Intel Processorsに権限昇格および情報漏えいの脆弱性
INTEL-SA-00808: Intel EMA Configuration Tool and Intel MC Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00808.html
Intel Endpoint Management Assistant Configuration Tool and Intel Manageability Commander softwareにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00809: Intel QAT Driver Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00809.html
Intel QuickAssist Technology driversに権限昇格、サービス運用妨害(DoS)および情報漏えいの脆弱性
INTEL-SA-00815: Intel Smart Campus Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00815.html
Intel Smart Campus Android applicationにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00816: DSP Builder for Intel FPGAs Pro Edition Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html
Digital Signal Processing Builder software installer for Intel FPGAs Pro Editionに権限昇格の脆弱性
INTEL-SA-00819: Intel oneAPI Toolkit and Component Software Installers Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html
Intel oneAPI Toolkit and component software installersに権限昇格の脆弱性
INTEL-SA-00824: Intel FPGA Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00824.html
Intel Field Programmable Gate Array productsに権限昇格の脆弱性
INTEL-SA-00825: Intel Unite Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00825.html
Intel Unite android applicationにサービス運用妨害(DoS)および情報漏えいの脆弱性
INTEL-SA-00827: Open CAS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00827.html
Open Cache Acceleration Software for Linux maintainedに情報漏えいの脆弱性
INTEL-SA-00832: Intel SCS Add-on Software Installer Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00832.html
Intel Setup and Configuration Software Add-on software installerに権限昇格の脆弱性
INTEL-SA-00833: Intel HDMI Firmware Update Tool for NUC Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00833.html
Intel HDMI Firmware Update Tool for NUCに権限昇格の脆弱性
INTEL-SA-00834: Intel NUC Pro Software Suite Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00834.html
Intel NUC Pro Software Suiteに権限昇格の脆弱性
INTEL-SA-00839: Intel Server Board BMC Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html
Intel Server Board Baseboard Management Controller firmwareに権限昇格、サービス運用妨害(DoS)および情報漏えいの脆弱性
INTEL-SA-00847: Intel Retail Edge Mobile App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00847.html
Intel Retail Edge Mobile applicationに権限昇格、サービス運用妨害(DoS)および情報漏えいの脆弱性
INTEL-SA-00853: WULT Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
Wake Up Latency Tracer Softwareに権限昇格の脆弱性
INTEL-SA-00854: Intel NUC Software Studio Service Installer Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00854.html
Intel NUC Software Studio Service Installerに権限昇格の脆弱性
INTEL-SA-00855: Intel Pathfinder for RISC-V Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00855.html
Intel Pathfinder for RISC-Vに権限昇格の脆弱性
INTEL-SA-00886: Intel i915 Graphics Drivers for Linux Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00886.html
Intel i915 Graphics Drivers for Linuxに権限昇格の脆弱性
Intel Corporation
Intel Product Security Center Advisories
https://www.intel.com/content/www/us/en/security-center/default.html
CyberNewsFlashは、注意喚起とは異なり、発行時点では注意喚起の基準に満たない脆弱性の情報やセキュリティアップデート予告なども含まれます。今回の件を含め、提供いただける情報がありましたら、JPCERT/CCまでご連絡ください。
一般社団法人JPCERTコーディネーションセンター(JPCERT/CC)
早期警戒グループ
Email:ew-info@jpcert.or.jp