CVE-2022-21123

CVE Database · CVE-2022-21123

CVE-2022-21123

· MEDIUMModified

CVSS v3.1

5.5

EPSS

6.12%

Published

Jun 15, 2022

Modified

May 5, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-459CWE-459

Affected Products (25)

xen · xenvulnerable

fedoraproject · fedoravulnerable

intel · sgx_dcap (up to 1.14.100.3)vulnerable

intel · sgx_psw (up to 2.16.100.3)vulnerable

intel · sgx_psw (up to 2.17.100.3)vulnerable

intel · sgx_sdk (up to 2.16.100.3)vulnerable

intel · sgx_sdk (up to 2.17.100.3)vulnerable

References (20)

http://www.openwall.com/lists/oss-security/2022/06/16/1

Mailing ListPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/

KEV Catalog EPSS Scores Vendors All CVEs