CVE-2022-21233

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Intel(R) Processors versions 10 through 12 Intel(R) Processors (affected versions not specified)

Description The issue is related to improper isolation of shared resources in some Intel(R) Processors, which may allow a privileged user to potentially enable information disclosure via local access. This is caused by an architectural flaw that allows access to uninitialized data left in the Advanced Programmable Interrupt Controller (APIC) registers after previous operations. The problem affects systems using the Software Guard Extensions (SGX) technology.

Recommendations For Intel(R) Processors versions 10 through 12: Update microcode packages to fix the security vulnerability. For Intel(R) Processors (affected versions not specified): At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

BDU:2022-04966

CESA-2022_5937

CVE-2022-21233

DLA-3379-1

MGASA-2022-0304

OESA-2022-1969

OPENSUSE-SU-2022_2960-1

OPENSUSE-SU-2024:12254-1

RHSA-2022:5937

RHSA-2022:5939

RHSA-2022_5937

RHSA-2022_5939

SUSE-SU-2022:2832-1

SUSE-SU-2022:2833-1

SUSE-SU-2022:2838-1

SUSE-SU-2022:2842-1

SUSE-SU-2022:2960-1

SUSE-SU-2022:2960-2

SUSE-SU-2022_2832-1

SUSE-SU-2022_2833-1

SUSE-SU-2022_2838-1

SUSE-SU-2022_2842-1

SUSE-SU-2022_2960-1

USN-5612-1

Affected Products

Astra Linux

Centos

Intel Processors

Linuxmint

Red Hat

Suse

Ubuntu

CVE-2022-21233

Weakness Enumeration

Related Identifiers

Affected Products

References · 76