CVE-2022-21166
published 2022-06-15CVE-2022-21166: Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | intel-microcode | < intel-microcode 3.20220510.1 (bookworm) | intel-microcode 3.20220510.1 (bookworm) |
| debian | linux | < intel-microcode 3.20220510.1 (bookworm) | intel-microcode 3.20220510.1 (bookworm) |
| debian | xen | < intel-microcode 3.20220510.1 (bookworm) | intel-microcode 3.20220510.1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| intel | sgx_dcap | < 1.14.100.3 | 1.14.100.3 |
| intel | sgx_psw | < 2.16.100.3 | 2.16.100.3 |
| intel | sgx_psw | < 2.17.100.3 | 2.17.100.3 |
| intel | sgx_sdk | < 2.16.100.3 | 2.16.100.3 |
| intel | sgx_sdk | < 2.17.100.3 | 2.17.100.3 |
| linux | linux_kernel | >= 0 < 5.10.127-1 | 5.10.127-1 |
| linux | linux_kernel | >= 0 < 5.18.5-1 | 5.18.5-1 |
| linux | linux_kernel | >= 0 < 5.18.5-1 | 5.18.5-1 |
| linux | linux_kernel | >= 0 < 5.18.5-1 | 5.18.5-1 |
| linux | linux_kernel | >= 0 < 4.15.0-187.198 | 4.15.0-187.198 |
| linux | linux_kernel | >= 0 < 5.4.0-120.136 | 5.4.0-120.136 |
| linux | linux_kernel | >= 0 < 5.15.0-39.42 | 5.15.0-39.42 |
| linux | linux_kernel | >= 0 < 3.13.0-190.241 | 3.13.0-190.241 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_20h2 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv7.8HIGH