nvd-json-data-feeds/CVE-2022/CVE-2022-464xx/CVE-2022-46487.json

{
  "id": "CVE-2022-46487",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-30T03:15:08.233",
  "lastModified": "2024-01-01T02:12:45.130",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://jovanbulck.github.io/files/acsac20-fpu.pdf",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0561#vulnCurrentDescriptionTitle",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15107",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://sconedocs.github.io/release5.7/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html#inpage-nav-3-3",
      "source": "cve@mitre.org"
    }
  ]
}
Auto-Update: 2023-12-30T05:00:25.020170+00:00 2023-12-30 05:00:28 +00:00			`{`
			`"id": "CVE-2022-46487",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2023-12-30T03:15:08.233",`
Auto-Update: 2024-01-01T03:00:25.314046+00:00 2024-01-01 03:00:28 +00:00			`"lastModified": "2024-01-01T02:12:45.130",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2023-12-30T05:00:25.020170+00:00 2023-12-30 05:00:28 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis."`
			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://jovanbulck.github.io/files/acsac20-fpu.pdf",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0561#vulnCurrentDescriptionTitle",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15107",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://sconedocs.github.io/release5.7/",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html#inpage-nav-3-3",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`