A vulnerability in the voltage regulation unit for some Intel scalable processors may allow a denial of service may allow a local privileged user to crash the system.
The CVSSv3 score provided does by Intel does not match the above description and Red Hat would disagree this would be a DOS only under the provided score. The provided score suggests that data modification is possible but with limited information this can not be proven or disproved.
A microcode update that addresses this issue will be released.
Red Hat thanks Intel for reporting this issue and collaborating on the mitigations.
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov
As of this time there are no known mitigations. Please install relevant updated packages to address this flaw.
Created microcode_ctl tracking bugs for this issue:
Affects: fedora-all [bug 1771659]