How severe is CVE-2023-40540?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2023-40540?

This is classified as CWE-1303, which is a common weakness in software security.

CVE-2023-40540

MEDIUM Year: 2023

CVSS v3 Score

4.4

Medium

Weakness Type

CWE-1303

View all →

Vulnerability Description

Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVE-2023-38575

MEDIUM

CVSS:5.5(Medium)

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

CWE-13032023

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that ...

CWE-13032023

CVE-2023-1998

MEDIUM

CVSS:5.6(Medium)

CWE-13032023

CVE-2023-38575

MEDIUM

CVSS:5.5(Medium)

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

CWE-13032023

CVE-2023-40540

Vulnerability Description

Related Vulnerabilities

CVE-2023-38575

CVE-2023-1998

CVE-2023-1998

CVE-2023-38575