Lucene search
K
IntelSgx Sdk

11 matches found

CVE
CVE
added 2022/06/15 7:59 p.m.463 views

CVE-2022-21123

CVE-2022-21123 stems from incomplete cleanup of multi-core shared buffers on some Intel processors, enabling potential information disclosure via local access by an authenticated user. The linked Astra Linux advisory and multiple Linux kernel advisories corroborate the issue and its local impact....

5.5CVSS6.3AI score0.06283EPSS
CVE
CVE
added 2022/06/15 8:1 p.m.405 views

CVE-2022-21125

Public documentation in the provided sources does not disclose detailed technical information (affected products, root cause, or fixes) for CVE-2022-21125 beyond the general description. Monitor for updates from vendors and advisories.

5.5CVSS6.3AI score0.06451EPSS
CVE
CVE
added 2022/06/15 8:3 p.m.385 views

CVE-2022-21166

CVE-2022-21166 is described in connected Astra Linux bulletin as an issue in incomplete cleanup in specific special register write operations for some Intel processors, potentially allowing an authenticated local user to disclose information. The description mirrors the vulnerability text in the ...

5.5CVSS6.3AI score0.05899EPSS
CVE
CVE
added 2022/06/15 8:2 p.m.285 views

CVE-2022-21127

CVE-2022-21127 involves incomplete cleanup in specific Intel processor special register read operations, potentially enabling information disclosure to an authenticated local user. The vulnerability is associated with Intel microcode issues and has been referenced in multiple advisories (e.g., De...

5.5CVSS6AI score0.05465EPSS
CVE
CVE
added 2021/06/09 7:1 p.m.98 views

CVE-2021-0001

CVE-2021-0001 concerns an observable timing discrepancy in Intel IPP prior to 2020 update 1 that may allow an authorized user to disclose information via local access. The Red Hat/NVD/OSV/NCSC entries confirm IPP and SGX involvement. Intel’s advisory (Intel-SA-00477) states mitigations: update IP...

4.7CVSS4.4AI score0.00209EPSS
CVE
CVE
added 2021/11/17 7:45 p.m.61 views

CVE-2021-0186

CVE-2021-0186 involves an improper input validation in Intel\u00ae SGX SDK applications compiled for SGX2-enabled processors that could allow local privilege escalation. The Intel advisory (INTEL-SA-00548) confirms affected products: Intel SGX SDK for Windows <= v2.12 and Linux

6.7CVSS6.6AI score0.0032EPSS
CVE
CVE
added 2018/03/20 8:0 p.m.58 views

CVE-2018-3626

The CVE-2018-3626 entry concerns the Edger8r tool in Intel SGX SDK before 2.1.2 (Linux) and 1.9.6 (Windows). The vulnerability stems from Edger8r generating code that enables a side-channel, potentially allowing a local attacker to access unauthorized information within enclaves. Affected product...

4.7CVSS6.2AI score0.00299EPSS
CVE
CVE
added 2022/11/11 3:48 p.m.57 views

CVE-2022-27499

CVE-2022-27499 : The Intel® SGX SDK contained a premature release of a resource during its expected lifetime, which may enable information disclosure via local access. The issue affects the Intel SGX SDK software for Linux prior to 2.18.100.1 and for Windows prior to 2.17.100.1. The underlying ca...

4.4CVSS4.3AI score0.00416EPSS
CVE
CVE
added 2019/01/10 8:0 p.m.55 views

CVE-2018-18098

CVE-2018-18098 affects Intel SGX SDK and Intel SGX Platform Software for Windows prior to version 2.2.100. Root cause is improper file verification in the installer, enabling local privilege escalation. Intel’s advisory (INTEL-SA-00203) confirms the CVSS3.0 base score of 7.5 (LOCAL, Privileges Re...

7.3CVSS7.4AI score0.00278EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.53 views

CVE-2022-26841

CVE-2022-26841 affects Intel® SGX SDK for Linux prior to version 2.16.100.1. The issue is insufficient control flow management which may allow an authenticated local user to disclose information. Intel advisory INTEL-SA-00677 confirms the vulnerability and recommends updating to Linux SDK 2.16.10...

5.5CVSS5.1AI score0.00158EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.49 views

CVE-2022-26509

CVE-2022-26509 concerns the Intel SGX SDK. Red Hat and other sources reiterate the same issue: an improper conditions check may allow a privileged user to disclose information via local access. Intel’s advisory (INTEL-SA-00677) specifies affected products and versions: SGX SDK for Linux prior to ...

5.5CVSS5AI score0.00157EPSS