CVE-2022-26841

Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:54

Type Values Removed Values Added
References () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00677.html - Vendor Advisory () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00677.html - Vendor Advisory
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 2.5

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-670 NVD-CWE-Other

02 Mar 2023, 23:24

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-670
CPE cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
References (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00677.html - (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00677.html - Vendor Advisory

17 Feb 2023, 12:52

Type Values Removed Values Added
New CVE

Information

Published : 2023-02-16 20:15

Updated : 2024-11-21 06:54


NVD link : CVE-2022-26841

Mitre link : CVE-2022-26841

CVE.ORG link : CVE-2022-26841


JSON object : View

Products Affected

linux

  • linux_kernel

intel

  • sgx_sdk

microsoft

  • windows