{ "id": "CVE-2022-21123", "sourceIdentifier": "secure@intel.com", "published": "2022-06-15T20:15:17.503", "lastModified": "2022-08-19T12:55:20.783", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." }, { "lang": "es", "value": "Una limpieza incompleta de los b\u00faferes compartidos multin\u00facleo en algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1 }, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-459" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "matchCriteriaId": "EF4E17C2-244F-4E5A-A5F8-4626CD1AC11A" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*", "versionEndExcluding": "1.14.100.3", "matchCriteriaId": "95D27137-9FE9-4036-95C5-28B8502A50BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*", "versionEndExcluding": "1.14.100.3", "matchCriteriaId": "7461CA21-255D-4825-AE70-E3EB5D05945E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*", "versionEndExcluding": "2.16.100.3", "matchCriteriaId": "66C56CBD-F718-43A4-B097-291D2D6BBD0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*", "versionEndExcluding": "2.17.100.3", "matchCriteriaId": "54F078D2-1BA0-4784-9650-6680ACD84FF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*", "versionEndExcluding": "2.16.100.3", "matchCriteriaId": "CF5F9EC2-3359-4364-AB06-64A528AAAE51" }, { "vulnerable": true, "criteria": "cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*", "versionEndExcluding": "2.17.100.3", "matchCriteriaId": "0C7F6964-55CF-4BD2-B483-EA6FE9564037" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*", "matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*", "matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*", "matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*", "matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*", "matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*", "matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*", "matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*", "matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*", "matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*", "matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*", "matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*", "matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252" }, { "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" }, { "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" } ] } ] } ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1", "source": "secure@intel.com", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html", "source": "secure@intel.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/", "source": "secure@intel.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/", "source": "secure@intel.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/", "source": "secure@intel.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/", "source": "secure@intel.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://security.gentoo.org/glsa/202208-23", "source": "secure@intel.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://security.netapp.com/advisory/ntap-20220624-0008/", "source": "secure@intel.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.debian.org/security/2022/dsa-5173", "source": "secure@intel.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.debian.org/security/2022/dsa-5178", "source": "secure@intel.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.debian.org/security/2022/dsa-5184", "source": "secure@intel.com", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html", "source": "secure@intel.com", "tags": [ "Patch", "Vendor Advisory" ] } ] }