CVE-2022-21233
Published: 9 August 2022
Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
From the Ubuntu Security Team
Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves.
Notes
| Author | Note |
|---|---|
| sbeattie | Intel TA-00657 only known impact is to compromise SGX |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
intel-microcode Launchpad, Ubuntu, Debian |
bionic |
Released
(3.20220809.0ubuntu0.18.04.1)
|
| focal |
Released
(3.20220809.0ubuntu0.20.04.1)
|
|
| jammy |
Released
(3.20220809.0ubuntu0.22.04.1)
|
|
| kinetic |
Released
(3.20220809.0ubuntu1)
|
|
| lunar |
Released
(3.20220809.0ubuntu1)
|
|
| mantic |
Released
(3.20220809.0ubuntu1)
|
|
| trusty |
Needed
|
|
| upstream |
Released
(microcode-20220809)
|
|
| xenial |
Released
(3.20230214.0ubuntu0.16.04.1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |