All the vulnerabilites related to intel - sgx_dcap
Vulnerability from fkie_nvd
Published
2022-06-15 20:15
Modified
2024-11-21 06:43
Severity ?
Summary
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| intel | sgx_dcap | * | |
| intel | sgx_dcap | * | |
| intel | sgx_psw | * | |
| intel | sgx_psw | * | |
| intel | sgx_sdk | * | |
| intel | sgx_sdk | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "Una limpieza incompleta de los b\u00faferes de relleno de la microarquitectura en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"
}
],
"id": "CVE-2022-21125",
"lastModified": "2024-11-21T06:43:56.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T20:15:17.547",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 20:15
Modified
2024-11-21 06:43
Severity ?
Summary
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| intel | sgx_dcap | * | |
| intel | sgx_dcap | * | |
| intel | sgx_psw | * | |
| intel | sgx_psw | * | |
| intel | sgx_sdk | * | |
| intel | sgx_sdk | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "Una limpieza incompleta de los b\u00faferes compartidos multin\u00facleo en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"
}
],
"id": "CVE-2022-21123",
"lastModified": "2024-11-21T06:43:56.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T20:15:17.503",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-14 14:16
Modified
2024-11-21 08:23
Severity ?
3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "C9467F81-346F-4D27-B04C-46DC5EDCA930",
"versionEndExcluding": "1.19.100.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "La validaci\u00f3n de entrada incorrecta en alg\u00fan software Intel(R) SGX DCAP para Windows anterior a la versi\u00f3n 1.19.100.3 puede permitir que un usuario autenticado potencialmente habilite la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-42776",
"lastModified": "2024-11-21T08:23:08.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-14T14:16:06.367",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-09 20:15
Modified
2024-11-21 05:41
Severity ?
Summary
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "C228B092-D84F-4A92-B9A7-C85E069ACE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_1:*:*:*:*:*:*",
"matchCriteriaId": "1D59D26E-C3A9-425D-BF47-9F100406B55C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_2:*:*:*:*:*:*",
"matchCriteriaId": "A5E59DAE-EDD5-41E2-81EB-68CCEE6111C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_3:*:*:*:*:*:*",
"matchCriteriaId": "43B76D8D-6BF9-4468-896B-C41E777E2B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2019:update_4:*:*:*:*:*:*",
"matchCriteriaId": "46B03979-727A-4230-8B35-7BC9F4C24D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "6FCBAD61-98CA-4FC4-B748-E2367EF8D4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "051C831D-C8FB-41F5-B2B9-152C7B7FE66D",
"versionEndIncluding": "1.10.100.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7D87FA8C-54D8-4C79-9A46-59563B6A1B05",
"versionEndIncluding": "1.10.100.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "0347067C-4AEC-4F6A-B35B-21671FC553F4",
"versionEndIncluding": "2.12.100.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "6BEB7E68-4C75-42E4-AF30-4643CF166F70",
"versionEndIncluding": "2.13.100.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "B5717416-A859-45C8-BBF1-F33AF80536B3",
"versionEndIncluding": "2.12.100.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "3643652F-9986-48AB-A479-91BC7AFB2847",
"versionEndIncluding": "2.13.100.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "Una discrepancia de tiempo observable en Intel\u00ae IPP versiones anteriores a 2020 update 1, puede permitir a un usuario autorizado permitir potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso local"
}
],
"id": "CVE-2021-0001",
"lastModified": "2024-11-21T05:41:40.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-09T20:15:08.180",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 20:15
Modified
2024-11-21 06:43
Severity ?
Summary
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.openwall.com/lists/oss-security/2022/06/16/1 | Mailing List, Patch, Third Party Advisory | |
| secure@intel.com | https://security.netapp.com/advisory/ntap-20220624-0008/ | Third Party Advisory | |
| secure@intel.com | https://www.debian.org/security/2022/dsa-5178 | Third Party Advisory | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/06/16/1 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220624-0008/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5178 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "Una limpieza incompleta en operaciones espec\u00edficas de lectura de registros especiales para algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio de acceso local"
}
],
"id": "CVE-2022-21127",
"lastModified": "2024-11-21T06:43:57.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T20:15:17.587",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 21:15
Modified
2024-11-21 06:44
Severity ?
Summary
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| intel | sgx_dcap | * | |
| intel | sgx_dcap | * | |
| intel | sgx_psw | * | |
| intel | sgx_psw | * | |
| intel | sgx_sdk | * | |
| intel | sgx_sdk | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E",
"versionEndExcluding": "1.14.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51",
"versionEndExcluding": "2.16.100.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037",
"versionEndExcluding": "2.17.100.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "Una limpieza incompleta en operaciones espec\u00edficas de escritura en registros especiales para algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio de acceso local"
}
],
"id": "CVE-2022-21166",
"lastModified": "2024-11-21T06:44:01.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T21:15:09.100",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "secure@intel.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-21127
Vulnerability from cvelistv5
Published
2022-06-15 20:02
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/06/16/1 | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20220624-0008/ | x_refsource_CONFIRM | |
| https://www.debian.org/security/2022/dsa-5178 | vendor-advisory, x_refsource_DEBIAN |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) Processors |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-07T10:06:31",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " information disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "DSA-5178",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5178"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21127",
"datePublished": "2022-06-15T20:02:28",
"dateReserved": "2021-11-12T00:00:00",
"dateUpdated": "2024-08-03T02:31:58.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42776
Vulnerability from cvelistv5
Published
2024-02-14 13:38
Modified
2024-08-15 14:43
Severity ?
EPSS score ?
Summary
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) SGX DCAP software for Windows |
Version: before version 1.19.100.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T14:42:50.759206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:43:13.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SGX DCAP software for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.19.100.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T13:38:20.289Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-42776",
"datePublished": "2024-02-14T13:38:20.289Z",
"dateReserved": "2023-09-22T03:00:11.518Z",
"dateUpdated": "2024-08-15T14:43:13.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21123
Vulnerability from cvelistv5
Published
2022-06-15 19:59
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) Processors |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T20:10:55",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " information disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21123",
"datePublished": "2022-06-15T19:59:35",
"dateReserved": "2021-11-12T00:00:00",
"dateUpdated": "2024-08-03T02:31:59.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21166
Vulnerability from cvelistv5
Published
2022-06-15 20:03
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) Processors |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T20:10:06",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " information disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21166",
"datePublished": "2022-06-15T20:03:42",
"dateReserved": "2021-11-12T00:00:00",
"dateUpdated": "2024-08-03T02:31:59.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21125
Vulnerability from cvelistv5
Published
2022-06-15 20:01
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) Processors |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T20:08:18",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " information disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-404.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-404.html"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
},
{
"name": "FEDORA-2022-391e24517d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/"
},
{
"name": "FEDORA-2022-177a008b98",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0008/"
},
{
"name": "FEDORA-2022-925fc688c1",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/"
},
{
"name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"name": "DSA-5173",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "DSA-5178",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5178"
},
{
"name": "DSA-5184",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5184"
},
{
"name": "FEDORA-2022-2c9f8224f8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
},
{
"name": "GLSA-202208-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21125",
"datePublished": "2022-06-15T20:01:10",
"dateReserved": "2021-11-12T00:00:00",
"dateUpdated": "2024-08-03T02:31:58.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0001
Vulnerability from cvelistv5
Published
2021-06-09 19:01
Modified
2024-08-03 15:25
Severity ?
EPSS score ?
Summary
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) IPP |
Version: before version 2020 update 1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) IPP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2020 update 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T19:01:55",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) IPP",
"version": {
"version_data": [
{
"version_value": "before version 2020 update 1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0001",
"datePublished": "2021-06-09T19:01:55",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-08-03T15:25:01.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}