A potential security vulnerability in Intel® SGX Linux kernel drivers may allow denial of service. Intel is working with the Linux kernel maintainers to create a mitigation.
CVEID: CVE-2021-33135
Description: Uncontrolled resource consumption in the Linux kernel drivers for Intel® SGX may allow an authenticated user to potentially enable denial of service via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L****
Intel® SGX Linux kernel driver from Intel version 2.14 and before.
Linux kernel driver for Intel® SGX from upstream/kernel.org.
Intel® SGX Linux kernel driver mitigation guidance for users of the out of tree SGX Data Center Attestation Primitives (DCAP) drivers available at <https://download.01.org/intel-sgx/sgx-dcap/>:
This issue was found internally by Intel employees.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.