Intel has issued a security advisory (INTEL-SA-00950) to address a vulnerability in some Intel processors. A local unauthenticated attacker could execute specially crafted code to exploit the vulnerability.
For detailed information of the affected products, please refer to the section "Affected Processors" of corresponding security advisory at the following URL:
https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
Successful exploitation of the vulnerability could lead to denial of service, information disclosure or privilege escalation on an affected system.
Intel has provided microcode updates for all affected processors. Microcode updates are typically included with updates from the original equipment manufacturers (OEM), operating system vendors (OSV) and hypervisor vendors. Some product vendors such as Dell and Citrix have provided patches and relevant advice regarding the vulnerability. The following is only a sample list of advice provided by the product vendors. The list is not exhaustive and it is strongly recommended to consult the product vendors if the products in use are affected and the availability of patches, and if so, apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.