Information Disclosure in Intel Processors Due to Incomplete Cleanup of Multi-Core Shared Buffers
CVE-2022-21123

5.5MEDIUM

Key Information:

Vendor: Xen Project
Status: Intel(r) Processors
Vendor: CVE Published:; 15 June 2022

What is CVE-2022-21123?

A security issue exists in certain Intel processors due to the incomplete cleanup of multi-core shared buffers. This vulnerability potentially allows an authenticated user to access sensitive information via local means. Mitigation measures should be taken to ensure that shared buffers are properly cleared to prevent unauthorized access to confidential data.

Affected Version(s)

Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2022/06/16/1

mailing-listx_refsource_MLIST

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2022
Vulnerability Reserved
Nov 12, 2021

Xen Project

What is CVE-2022-21123?

Affected Version(s)

References

CVSS V3.1

Timeline