CVE-2022-50720

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw related to the Advanced Programmable Interrupt Controller (APIC). The APIC supports legacy APIC (xAPIC) and Extended APIC (x2APIC) modes. A new feature allows the BIOS to lock the APIC in x2APIC mode. If locked in x2APIC mode, attempting to disable the APIC or revert to legacy APIC mode results in a General Protection Fault (GP fault). This issue is related to the APIC LEAK vulnerability, which allows an attacker to extract data from the Secure Guard Extensions (SGX) enclave using the APIC memory-mapped interface. The vulnerability is addressed by introducing support for a new Model Specific Register (MSR) and preventing the kernel from disabling x2APIC when the LEGACY XAPIC DISABLED bit is set. If legacy APIC is required, SGX and Trusted Domain Extensions (TDX) must be disabled in the BIOS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.