Bugzilla – Bug 844228
VUL-0: CVE-2013-5740: intel-SINIT: undisclosed security bugs
Last modified: 2013-10-08 11:50:35 UTC
CVE-2013-5740 Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. References: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5740 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5740
The SWAMPID for this issue is 54691. This issue was rated as moderate. Please submit fixed packages until 2013-10-22. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
we have not shipped the 3rdgen ACMs in our intel-SINIT package, so are not affected.