
CVE-2023-22655

kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)

Severity Score

6.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Protection mechanism failure in some third and fourth generation Intel(R) Xeon(R) processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features.

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.

It was discovered that some Intel® Atom® Processors did not properly clear register state when performing various operations. A local attacker could use this to obtain sensitive information via a transient execution attack. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.

*Credits: N/A
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: High
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: Low
  • Integrity: High
  • Availability: None

  • Attack Vector: Local
  • Attack Complexity: High
  • Authentication: Multiple
  • Confidentiality: Partial
  • Integrity: Complete
  • Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2023-01-27 CVE Reserved
  • 2024-03-14 CVE Published
  • 2025-02-13 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-693: Protection Mechanism Failure
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Intel | 3rd Gen Intel Xeon Scalable Processor Family | *- | | Affected
Intel | 4th Gen Intel Xeon Bronze Processors | *- | | Affected
Intel | 4th Gen Intel Xeon Gold Processors | *- | | Affected
Intel | 4th Gen Intel Xeon Platinum Processors | *- | | Affected
Intel | 4th Gen Intel Xeon Scalable Processors | *- | | Affected
Intel | 4th Gen Intel Xeon Scalable Processors With Intel Vran | *- | | Affected
Intel | 4th Gen Intel Xeon Silver Processors | *- | | Affected
Intel | 4th Generation Intel Xeon Gold Processors | *- | | Affected
Intel | 4th Generation Intel Xeon Platinum Processors | *- | | Affected
Intel | Xeon Cpu Max Series Processors | *- | | Affected
Intel | Xeon D Processor | *- | | Affected
Canonical | Ubuntu Linux | *- | | Affected
Debian | Debian Linux | *- | | Affected
Fedoraproject | Fedora | *- | | Affected
Freebsd | Freebsd | *- | | Affected
Opensuse | Leap | *- | | Affected
Suse | Sle-module-basesystem | *- | | Affected
Suse | Sle Hpc-espos | *- | | Affected
Suse | Sle Hpc-ltss | *- | | Affected
Suse | Sle Hpc | *- | | Affected
Suse | Sled | *- | | Affected
Suse | Sles-ltss | *- | | Affected
Suse | Sles | *- | | Affected
Suse | Sles Sap | *- | | Affected
Suse | Suse-manager-proxy | *- | | Affected
Suse | Suse-manager-server | *- | | Affected