CVE-2024-37020
Publication date 12 February 2025
Last updated 3 July 2025
Ubuntu priority
Description
Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| intel-microcode | ||
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
Notes
alexmurray
There is no evidence that this CVE can be addressed by a microcode update from the OS itself, only from the BIOS
Severity score breakdown
CVSS version: CVSS v3.0
Base score
3.8 · Low
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2024-37020
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211
- https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html