CVE-2022-21127

CVE Database · CVE-2022-21127

CVE-2022-21127

· MEDIUMModified

CVSS v3.1

5.5

EPSS

5.51%

Published

Jun 15, 2022

Modified

May 5, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-459CWE-459

Affected Products (9)

xen · xenvulnerable

intel · sgx_dcap (up to 1.14.100.3)vulnerable

intel · sgx_psw (up to 2.16.100.3)vulnerable

intel · sgx_psw (up to 2.17.100.3)vulnerable

intel · sgx_sdk (up to 2.16.100.3)vulnerable

intel · sgx_sdk (up to 2.17.100.3)vulnerable

debian · debian_linuxvulnerable

References (8)

http://www.openwall.com/lists/oss-security/2022/06/16/1

Mailing ListPatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20220624-0008/

Third Party Advisory

https://www.debian.org/security/2022/dsa-5178

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2022/06/16/1

Mailing ListPatchThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs