Intel Sgx Sdk vulnerabilities

CVE-2022-26509 [LOW] CWE-755 CVE-2022-26509: Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentiall Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.

CVE-2022-26841 [LOW] CVE-2022-26841: Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16 Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-27499 [LOW] CWE-672 CVE-2022-27499: Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.

CVE-2022-21127 [MEDIUM] CWE-459 CVE-2022-21127: Incomplete cleanup in specific special register read operations for some Intel(R) Processors may all Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-21166 [MEDIUM] CWE-459 CVE-2022-21166: Incomplete cleanup in specific special register write operations for some Intel(R) Processors may al Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-21125 [MEDIUM] CWE-459 CVE-2022-21125: Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authe Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-21123 [MEDIUM] CWE-459 CVE-2022-21123: Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authentica Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2021-0186 [MEDIUM] CWE-20 CVE-2021-0186: Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.

CVE-2021-0001 [MEDIUM] CWE-203 CVE-2021-0001: Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.

CVE-2018-18098 [HIGH] CWE-732 CVE-2018-18098: Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.

CVE-2018-3626 [MEDIUM] CWE-200 CVE-2018-3626: Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information.