CVE-2019-0122
Severity Score
7.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.
Doble liberación (double free) en Intel(R) SGX SDK para Linux, en versiones anteriores a la 2.2; e Intel(R) SGX SDK para Windows, en versiones anteriores a la 2.1, podría permitir que un usuario autenticado habilite la divulgación de información o una denegación de servicio (DoS) mediante acceso local.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-11-13 CVE Reserved
- 2019-03-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-415: Double Free
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html | 2019-03-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Intel Search vendor "Intel" | Software Guard Extensions Sdk Search vendor "Intel" for product "Software Guard Extensions Sdk" | < 2.1 Search vendor "Intel" for product "Software Guard Extensions Sdk" and version " < 2.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Intel Search vendor "Intel" | Software Guard Extensions Sdk Search vendor "Intel" for product "Software Guard Extensions Sdk" | < 2.2 Search vendor "Intel" for product "Software Guard Extensions Sdk" and version " < 2.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|