Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-38023 | 2 Intel, Scontain | 2 Software Guard Extensions, Scone | 2024-01-17 | N/A | 5.5 MEDIUM |
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in __scone_dispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak." | |||||
CVE-2022-41804 | 3 Debian, Fedoraproject, Intel | 382 Debian Linux, Fedora, Xeon Bronze 3408u and 379 more | 2023-12-10 | N/A | 6.7 MEDIUM |
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-21163 | 1 Intel | 1 Crypto Api Toolkit For Intel Sgx | 2023-12-10 | N/A | 7.8 HIGH |
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-26841 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
CVE-2022-26509 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2022-27499 | 1 Intel | 1 Sgx Sdk | 2023-12-10 | N/A | 4.4 MEDIUM |
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2021-33135 | 1 Intel | 1 Software Guard Extensions | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2022-0005 | 1 Intel | 918 Celeron G5205u, Celeron G5205u Firmware, Celeron G5305u and 915 more | 2023-12-10 | 2.1 LOW | 2.4 LOW |
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | |||||
CVE-2021-0186 | 1 Intel | 365 Celeron J1750, Celeron J1750 Firmware, Celeron J1800 and 362 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. | |||||
CVE-2021-33097 | 1 Intel | 1 Crypto Api Toolkit For Intel Sgx | 2023-12-10 | 6.0 MEDIUM | 6.6 MEDIUM |
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via network access. | |||||
CVE-2020-24491 | 1 Intel | 3 Core I3, Core I5, Core I7 | 2023-12-10 | 1.9 LOW | 4.4 MEDIUM |
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2020-24452 | 1 Intel | 1 Sgx Platform | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access. | |||||
CVE-2020-8766 | 1 Intel | 1 Software Guard Extensions Data Center Attestation Primitives | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2019-0123 | 1 Intel | 294 Core I7-10510u, Core I7-10510u Firmware, Core I7-10510y and 291 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2019-0117 | 1 Intel | 326 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 323 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2020-0561 | 4 Intel, Linux, Microsoft and 1 more | 5 Software Guard Extensions Sdk, Linux Kernel, Windows and 2 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2019-14566 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||||
CVE-2019-14565 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||||
CVE-2019-0157 | 2 Intel, Linux | 3 Software Guard Extensions, Software Guard Extensions Data Center Attestation Primitives, Linux Kernel | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access. | |||||
CVE-2019-0122 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access. |