CVE-2022-33894
https://notcve.org/view.php?id=CVE-2022-33894
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://security.netapp.com/advisory/ntap-20230921-0002 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00807.html • CWE-20: Improper Input Validation •
CVE-2022-38090
https://notcve.org/view.php?id=CVE-2022-38090
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html •
CVE-2022-33196 – kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations
https://notcve.org/view.php?id=CVE-2022-33196
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html https://access.redhat.com/security/cve/CVE-2022-33196 https://bugzilla.redhat.com/show_bug.cgi?id=2171252 • CWE-276: Incorrect Default Permissions •
CVE-2022-29493
https://notcve.org/view.php?id=CVE-2022-29493
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2022-29494
https://notcve.org/view.php?id=CVE-2022-29494
Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html • CWE-20: Improper Input Validation •