Vulnerability Description
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | All versions |
| Intel | Sgx Dcap | < 1.14.100.3 |
| Intel | Sgx Psw | < 2.16.100.3 |
| Intel | Sgx Sdk | < 2.16.100.3 |
| Debian | Debian Linux | 10.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2022/06/16/1Mailing ListPatchThird Party Advisory
- https://security.netapp.com/advisory/ntap-20220624-0008/Third Party Advisory
- https://www.debian.org/security/2022/dsa-5178Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.PatchVendor Advisory
- http://www.openwall.com/lists/oss-security/2022/06/16/1Mailing ListPatchThird Party Advisory
- https://security.netapp.com/advisory/ntap-20220624-0008/Third Party Advisory
- https://www.debian.org/security/2022/dsa-5178Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.PatchVendor Advisory
FAQ
What is CVE-2022-21127?
CVE-2022-21127 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
How severe is CVE-2022-21127?
CVE-2022-21127 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21127?
Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen, Intel Sgx Dcap, Intel Sgx Psw, Intel Sgx Sdk, Debian Debian Linux.