CVE-2022-41804
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/08/2023
Last modified:
07/11/2023
Description
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Impact
Base Score 3.x
6.70
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5315y_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5317_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5318n_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5318s_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5318y_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:intel:xeon_gold_5320_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html
- https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
- https://security.netapp.com/advisory/ntap-20230915-0003/
- https://www.debian.org/security/2023/dsa-5474