CVE-2022-41804
Advisory lineage Upstream: 0 Downstream: 16
Modified
Published: 11 Aug 2023, 02:37
Last modified:13 Feb 2025, 16:33
Vulnerability Summary
Overall Risk (default)
medium
29/100 CVSS Score
7.2 HIGH
v3.1 (cve.org)
EPSS Score
0.02% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
11 Aug 2023, 02:37
Published
Vulnerability first disclosed
13 Feb 2025, 16:33
Last Modified
Vulnerability information updated
Description
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Metrics
- v3.1•HIGH•Score: 7.2CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H
- v3.1•MEDIUM•Score: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Trends
Current EPSS score: 0.02%• Percentile: 4%
Techniques & Countermeasures
- CWE-1334•Unauthorized Error Injection Can Degrade Hardware Redundancy
An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.
Affected Systems
- debian•debian_linux
11.0 | 12.0
- fedoraproject•fedora
38
- intel•xeon_bronze_3408u_firmware
na
- intel•xeon_d-1513n_firmware
na
- intel•xeon_d-1518_firmware
na
- intel•xeon_d-1520_firmware
na
- intel•xeon_d-1521_firmware
na
- intel•xeon_d-1523n_firmware
na
- intel•xeon_d-1527_firmware
na
- intel•xeon_d-1528_firmware
na
- intel•xeon_d-1529_firmware
na
- intel•xeon_d-1531_firmware
na
- intel•xeon_d-1533n_firmware
na
- intel•xeon_d-1537_firmware
na
- intel•xeon_d-1539_firmware
na
- intel•xeon_d-1540_firmware
na
- intel•xeon_d-1541_firmware
na
- intel•xeon_d-1543n_firmware
na
- intel•xeon_d-1548_firmware
na
- intel•xeon_d-1553n_firmware
na
- intel•xeon_d-1557_firmware
na
- intel•xeon_d-1559_firmware
na
- intel•xeon_d-1567_firmware
na
- intel•xeon_d-1571_firmware
na
- intel•xeon_d-1577_firmware
na
- intel•xeon_d-1602_firmware
na
- intel•xeon_d-1622_firmware
na
- intel•xeon_d-1623n_firmware
na
- intel•xeon_d-1627_firmware
na
- intel•xeon_d-1633n_firmware
na
- intel•xeon_d-1637_firmware
na
- intel•xeon_d-1649n_firmware
na
- intel•xeon_d-1653n_firmware
na
- intel•xeon_d-1702_firmware
na
- intel•xeon_d-1712tr_firmware
na
- intel•xeon_d-1713nt_firmware
na
- intel•xeon_d-1713nte_firmware
na
- intel•xeon_d-1714_firmware
na
- intel•xeon_d-1715ter_firmware
na
- intel•xeon_d-1718t_firmware
na
- intel•xeon_d-1722ne_firmware
na
- intel•xeon_d-1726_firmware
na
- intel•xeon_d-1732te_firmware
na
- intel•xeon_d-1733nt_firmware
na
- intel•xeon_d-1734nt_firmware
na
- intel•xeon_d-1735tr_firmware
na
- intel•xeon_d-1736_firmware
na
- intel•xeon_d-1736nt_firmware
na
- intel•xeon_d-1739_firmware
na
- intel•xeon_d-1746ter_firmware
na
Showing first 50 affected entries in server-rendered view.
References (6)
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html
- https://www.debian.org/security/2023/dsa-5474
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
- https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
- https://security.netapp.com/advisory/ntap-20230915-0003/