First published: Wed Jun 15 2022(Updated: )
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Credit: secure@intel.com secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Xen Xen | ||
Intel Sgx Dcap | <1.14.100.3 | |
Intel Sgx Dcap | <1.14.100.3 | |
Intel Sgx Psw | <2.16.100.3 | |
Intel Sgx Psw | <2.17.100.3 | |
Intel Sgx Sdk | <2.16.100.3 | |
Intel Sgx Sdk | <2.17.100.3 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
debian/intel-microcode | 3.20240813.1~deb11u1 3.20241112.1~deb11u1 3.20240910.1~deb12u1 3.20231114.1~deb12u1 3.20241112.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-21127.
The vulnerability allows an authenticated user to potentially enable information disclosure via local access.
The affected software is intel-microcode with versions 3.20220510.1 and earlier.
To fix this vulnerability, it is recommended to update the intel-microcode package to version 3.20220510.1 or later.
More information about this vulnerability can be found at the following references: [Intel Security Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html), [Openwall OSS Security Mailing List](http://www.openwall.com/lists/oss-security/2022/06/16/1), [NetApp Security Advisory](https://security.netapp.com/advisory/ntap-20220624-0008/)