CVE-2022-21125

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
Link Resource
http://www.openwall.com/lists/oss-security/2022/06/16/1 Mailing List Patch Third Party Advisory
http://xenbits.xen.org/xsa/advisory-404.html Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/
https://security.gentoo.org/glsa/202208-23 Third Party Advisory
https://security.netapp.com/advisory/ntap-20220624-0008/ Third Party Advisory
https://www.debian.org/security/2022/dsa-5173 Third Party Advisory
https://www.debian.org/security/2022/dsa-5178 Third Party Advisory
https://www.debian.org/security/2022/dsa-5184 Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html Patch Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/06/16/1 Mailing List Patch Third Party Advisory
http://xenbits.xen.org/xsa/advisory-404.html Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/
https://security.gentoo.org/glsa/202208-23 Third Party Advisory
https://security.netapp.com/advisory/ntap-20220624-0008/ Third Party Advisory
https://www.debian.org/security/2022/dsa-5173 Third Party Advisory
https://www.debian.org/security/2022/dsa-5178 Third Party Advisory
https://www.debian.org/security/2022/dsa-5184 Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*
cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*
cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*
cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*

Configuration 4 (hide)

OR cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:43

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2022/06/16/1 - Mailing List, Patch, Third Party Advisory () http://www.openwall.com/lists/oss-security/2022/06/16/1 - Mailing List, Patch, Third Party Advisory
References () http://xenbits.xen.org/xsa/advisory-404.html - Patch, Third Party Advisory () http://xenbits.xen.org/xsa/advisory-404.html - Patch, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ -
References () https://security.gentoo.org/glsa/202208-23 - Third Party Advisory () https://security.gentoo.org/glsa/202208-23 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20220624-0008/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20220624-0008/ - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5178 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5178 - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5184 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5184 - Third Party Advisory
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html - Patch, Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html - Patch, Vendor Advisory

19 Aug 2022, 12:49

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/202208-23 - (GENTOO) https://security.gentoo.org/glsa/202208-23 - Third Party Advisory

15 Aug 2022, 11:17

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202208-23 -

03 Aug 2022, 14:04

Type Values Removed Values Added
CPE cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ - Mailing List, Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5178 - (DEBIAN) https://www.debian.org/security/2022/dsa-5178 - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5184 - (DEBIAN) https://www.debian.org/security/2022/dsa-5184 - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ - Mailing List, Third Party Advisory

23 Jul 2022, 04:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5184 -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ -

07 Jul 2022, 11:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5178 -

04 Jul 2022, 11:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5173 -

01 Jul 2022, 14:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html -

01 Jul 2022, 06:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ -

26 Jun 2022, 03:05

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ - Mailing List, Third Party Advisory
References (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html - (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html - Patch, Vendor Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2022/06/16/1 - (MLIST) http://www.openwall.com/lists/oss-security/2022/06/16/1 - Mailing List, Patch, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220624-0008/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220624-0008/ - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ - Mailing List, Third Party Advisory
References (CONFIRM) http://xenbits.xen.org/xsa/advisory-404.html - (CONFIRM) http://xenbits.xen.org/xsa/advisory-404.html - Patch, Third Party Advisory
CWE CWE-459
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 5.5
CPE cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:windows:*:*
cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:linux:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:a:intel:sgx_dcap:*:*:*:*:*:windows:*:*
cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:linux:*:*
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:linux:*:*
cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*
cpe:2.3:a:intel:sgx_psw:*:*:*:*:*:windows:*:*

24 Jun 2022, 16:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220624-0008/ -

18 Jun 2022, 05:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ -

17 Jun 2022, 13:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ -

16 Jun 2022, 22:15

Type Values Removed Values Added
References
  • (CONFIRM) http://xenbits.xen.org/xsa/advisory-404.html -

16 Jun 2022, 18:15

Type Values Removed Values Added
References
  • (MLIST) http://www.openwall.com/lists/oss-security/2022/06/16/1 -

15 Jun 2022, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-15 20:15

Updated : 2024-11-21 06:43


NVD link : CVE-2022-21125

Mitre link : CVE-2022-21125

CVE.ORG link : CVE-2022-21125


JSON object : View

Products Affected

vmware

  • esxi

fedoraproject

  • fedora

debian

  • debian_linux

intel

  • sgx_psw
  • sgx_sdk
  • sgx_dcap

xen

  • xen
CWE
CWE-459

Incomplete Cleanup