CVE-2022-21127

CVSS v3.1 5.5 (Medium)

CVSS v2.0 2.1 (Low)

EPSS 0.04 % (15^th)

Affected Products 5

Advisories 30

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Weaknesses

CWE-459: Incomplete Cleanup

CVE Status: PUBLISHED
CNA: Intel Corporation
Published Date: 2022-06-15 20:15:17
(2 years ago)
Updated Date: 2023-01-31 17:27:41
(19 months ago)

Affected Products

Debian

Debian Linux

Intel

Xen

Configuration #1

		CPE23	From	Up To
	Xen on X86	cpe:2.3:o:xen:xen::::::*:x86

Configuration #2

	CPE23	Up To
Intel Sgx Dcap for Linux prior 1.14.100.3 version	cpe:2.3:a:intel:sgx_dcap::::::linux	< 1.14.100.3
Intel Sgx Dcap for Windows prior 1.14.100.3 version	cpe:2.3:a:intel:sgx_dcap::::::windows	< 1.14.100.3
Intel Sgx Psw for Windows prior 2.16.100.3 version	cpe:2.3:a:intel:sgx_psw::::::windows	< 2.16.100.3
Intel Sgx Psw for Linux prior 2.17.100.3 version	cpe:2.3:a:intel:sgx_psw::::::linux	< 2.17.100.3
Intel Sgx Sdk for Windows prior 2.16.100.3 version	cpe:2.3:a:intel:sgx_sdk::::::windows	< 2.16.100.3
Intel Sgx Sdk for Linux prior 2.17.100.3 version	cpe:2.3:a:intel:sgx_sdk::::::linux	< 2.17.100.3

Configuration #3

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0