CVE-2022-41804
https://notcve.org/view.php?id=CVE-2022-41804
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. La inyección de errores no autorizada en Intel(R) SGX o Intel(R) TDX para algunos procesadores Intel(R) Xeon(R) puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J https://security.netapp.com/advisory/ntap-20230915-0003 https://www.debian.org/security/2023/dsa-5474 • CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy •
CVE-2023-23908
https://notcve.org/view.php?id=CVE-2023-23908
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J https://security.netapp.com/advisory/ntap-20230824-0003 https://www.debian.org/security/2023/dsa-5474 • CWE-284: Improper Access Control •
CVE-2022-43505
https://notcve.org/view.php?id=CVE-2022-43505
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. La gestión insuficiente del flujo de control en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-691: Insufficient Control Flow Management •
CVE-2022-38090
https://notcve.org/view.php?id=CVE-2022-38090
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html •
CVE-2022-33196 – kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations
https://notcve.org/view.php?id=CVE-2022-33196
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html https://access.redhat.com/security/cve/CVE-2022-33196 https://bugzilla.redhat.com/show_bug.cgi?id=2171252 • CWE-276: Incorrect Default Permissions •