Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for xeon_e-2104g_firmware by intel

    CVE-2022-40982 (GCVE-0-2022-40982)

    Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:33
    VLAI
    Summary
    Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-1342 - Information exposure through microarchitectural state after transient execution
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:28:42.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://xenbits.xen.org/xsa/advisory-435.html"
              },
              {
                "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://downfall.page"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/solutions/7027704"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://xenbits.xen.org/xsa/advisory-435.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5474"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5475"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-31T20:33:43.011314Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-31T20:43:52.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-1342",
                  "description": "Information exposure through microarchitectural state after transient execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-27T02:06:52.425Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
              "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
            },
            {
              "url": "https://downfall.page"
            },
            {
              "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
            },
            {
              "url": "https://access.redhat.com/solutions/7027704"
            },
            {
              "url": "https://xenbits.xen.org/xsa/advisory-435.html"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5474"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5475"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-40982",
        "datePublished": "2023-08-11T02:37:05.423Z",
        "dateReserved": "2022-09-27T00:28:29.203Z",
        "dateUpdated": "2025-02-13T16:33:03.126Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-21180 (GCVE-0-2022-21180)

    Vulnerability from nvd – Published: 2022-06-15 20:04 – Updated: 2025-05-05 16:36
    VLAI
    Summary
    Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
              },
              {
                "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-21180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:35.431351Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-20",
                    "description": "CWE-20 Improper Input Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:36:36.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": " information disclosure ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-24T15:06:35.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
            },
            {
              "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2022-21180",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": " information disclosure "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
                },
                {
                  "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20220624-0006/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-21180",
        "datePublished": "2022-06-15T20:04:21.000Z",
        "dateReserved": "2021-11-12T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:36:36.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-0005 (GCVE-0-2022-0005)

    Vulnerability from nvd – Published: 2022-05-12 16:36 – Updated: 2025-05-05 16:43
    VLAI
    Summary
    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors with SGX Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:18:41.492Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "PHYSICAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 2.4,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-0005",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:50.100849Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-319",
                    "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:43:56.233Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors with SGX",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-12T16:36:04.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2022-0005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors with SGX",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-0005",
        "datePublished": "2022-05-12T16:36:04.000Z",
        "dateReserved": "2021-10-15T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:43:56.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14615 (GCVE-0-2019-14615)

    Vulnerability from nvd – Published: 2020-01-17 17:36 – Updated: 2024-08-05 00:19
    VLAI
    Summary
    Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • information disclosure
    Assigner
    References
    URL Tags
    https://www.intel.com/content/www/us/en/security-… x_refsource_CONFIRM
    https://usn.ubuntu.com/4253-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4254-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4255-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4255-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4253-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4254-2/ vendor-advisoryx_refsource_UBUNTU
    http://packetstormsecurity.com/files/156185/Kerne… x_refsource_MISC
    http://packetstormsecurity.com/files/156455/Kerne… x_refsource_MISC
    https://usn.ubuntu.com/4285-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4287-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4286-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4287-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://usn.ubuntu.com/4284-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4286-1/ vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://support.apple.com/kb/HT211100 x_refsource_CONFIRM
    http://seclists.org/fulldisclosure/2020/Mar/31 mailing-listx_refsource_FULLDISC
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:19:41.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
              },
              {
                "name": "USN-4253-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4253-1/"
              },
              {
                "name": "USN-4254-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4254-1/"
              },
              {
                "name": "USN-4255-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4255-1/"
              },
              {
                "name": "USN-4255-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4255-2/"
              },
              {
                "name": "USN-4253-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4253-2/"
              },
              {
                "name": "USN-4254-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4254-2/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
              },
              {
                "name": "USN-4285-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4285-1/"
              },
              {
                "name": "USN-4287-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4287-1/"
              },
              {
                "name": "USN-4286-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4286-2/"
              },
              {
                "name": "USN-4287-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4287-2/"
              },
              {
                "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
              },
              {
                "name": "USN-4284-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4284-1/"
              },
              {
                "name": "USN-4286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4286-1/"
              },
              {
                "name": "openSUSE-SU-2020:0336",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/kb/HT211100"
              },
              {
                "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-25T07:06:25.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
            },
            {
              "name": "USN-4253-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4253-1/"
            },
            {
              "name": "USN-4254-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4254-1/"
            },
            {
              "name": "USN-4255-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4255-1/"
            },
            {
              "name": "USN-4255-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4255-2/"
            },
            {
              "name": "USN-4253-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4253-2/"
            },
            {
              "name": "USN-4254-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4254-2/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
            },
            {
              "name": "USN-4285-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4285-1/"
            },
            {
              "name": "USN-4287-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4287-1/"
            },
            {
              "name": "USN-4286-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4286-2/"
            },
            {
              "name": "USN-4287-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4287-2/"
            },
            {
              "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
            },
            {
              "name": "USN-4284-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4284-1/"
            },
            {
              "name": "USN-4286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4286-1/"
            },
            {
              "name": "openSUSE-SU-2020:0336",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.apple.com/kb/HT211100"
            },
            {
              "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-14615",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "various"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
                },
                {
                  "name": "USN-4253-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4253-1/"
                },
                {
                  "name": "USN-4254-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4254-1/"
                },
                {
                  "name": "USN-4255-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4255-1/"
                },
                {
                  "name": "USN-4255-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4255-2/"
                },
                {
                  "name": "USN-4253-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4253-2/"
                },
                {
                  "name": "USN-4254-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4254-2/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
                },
                {
                  "name": "USN-4285-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4285-1/"
                },
                {
                  "name": "USN-4287-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4287-1/"
                },
                {
                  "name": "USN-4286-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4286-2/"
                },
                {
                  "name": "USN-4287-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4287-2/"
                },
                {
                  "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
                },
                {
                  "name": "USN-4284-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4284-1/"
                },
                {
                  "name": "USN-4286-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4286-1/"
                },
                {
                  "name": "openSUSE-SU-2020:0336",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
                },
                {
                  "name": "https://support.apple.com/kb/HT211100",
                  "refsource": "CONFIRM",
                  "url": "https://support.apple.com/kb/HT211100"
                },
                {
                  "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-14615",
        "datePublished": "2020-01-17T17:36:57.000Z",
        "dateReserved": "2019-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:19:41.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11157 (GCVE-0-2019-11157)

    Vulnerability from nvd – Published: 2019-12-16 19:12 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See References"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-17T22:09:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11157",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See References"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191217-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
                },
                {
                  "name": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11157",
        "datePublished": "2019-12-16T19:12:29.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12207 (GCVE-0-2018-12207)

    Vulnerability from nvd – Published: 2019-11-14 19:08 – Updated: 2024-08-05 08:30
    VLAI
    Summary
    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL Tags
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://access.redhat.com/errata/RHSA-2019:3916 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3941 vendor-advisoryx_refsource_REDHAT
    https://usn.ubuntu.com/4186-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://access.redhat.com/errata/RHSA-2020:0026 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0028 vendor-advisoryx_refsource_REDHAT
    https://www.debian.org/security/2020/dsa-4602 vendor-advisoryx_refsource_DEBIAN
    https://seclists.org/bugtraq/2020/Jan/21 mailing-listx_refsource_BUGTRAQ
    https://access.redhat.com/errata/RHSA-2020:0204 vendor-advisoryx_refsource_REDHAT
    https://security.gentoo.org/glsa/202003-56 vendor-advisoryx_refsource_GENTOO
    https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
    https://www.intel.com/content/www/us/en/security-… x_refsource_MISC
    https://support.f5.com/csp/article/K17269881?utm_… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Machine Check Error Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:30:58.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2019-376ec5c107",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
              },
              {
                "name": "RHSA-2019:3916",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3916"
              },
              {
                "name": "RHSA-2019:3936",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3936"
              },
              {
                "name": "RHSA-2019:3941",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3941"
              },
              {
                "name": "USN-4186-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-2/"
              },
              {
                "name": "FEDORA-2019-cbb732f760",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
              },
              {
                "name": "openSUSE-SU-2019:2710",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
              },
              {
                "name": "RHSA-2020:0026",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0026"
              },
              {
                "name": "RHSA-2020:0028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0028"
              },
              {
                "name": "DSA-4602",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4602"
              },
              {
                "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2020/Jan/21"
              },
              {
                "name": "RHSA-2020:0204",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0204"
              },
              {
                "name": "GLSA-202003-56",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202003-56"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-15T02:22:57.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "FEDORA-2019-376ec5c107",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
            },
            {
              "name": "RHSA-2019:3916",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3916"
            },
            {
              "name": "RHSA-2019:3936",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3936"
            },
            {
              "name": "RHSA-2019:3941",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3941"
            },
            {
              "name": "USN-4186-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-2/"
            },
            {
              "name": "FEDORA-2019-cbb732f760",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
            },
            {
              "name": "openSUSE-SU-2019:2710",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
            },
            {
              "name": "RHSA-2020:0026",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0026"
            },
            {
              "name": "RHSA-2020:0028",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0028"
            },
            {
              "name": "DSA-4602",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "RHSA-2020:0204",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0204"
            },
            {
              "name": "GLSA-202003-56",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202003-56"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2018-12207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2019-376ec5c107",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
                },
                {
                  "name": "RHSA-2019:3916",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3916"
                },
                {
                  "name": "RHSA-2019:3936",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3936"
                },
                {
                  "name": "RHSA-2019:3941",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3941"
                },
                {
                  "name": "USN-4186-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-2/"
                },
                {
                  "name": "FEDORA-2019-cbb732f760",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
                },
                {
                  "name": "openSUSE-SU-2019:2710",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
                },
                {
                  "name": "RHSA-2020:0026",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0026"
                },
                {
                  "name": "RHSA-2020:0028",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0028"
                },
                {
                  "name": "DSA-4602",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4602"
                },
                {
                  "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2020/Jan/21"
                },
                {
                  "name": "RHSA-2020:0204",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0204"
                },
                {
                  "name": "GLSA-202003-56",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202003-56"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
                },
                {
                  "name": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-12207",
        "datePublished": "2019-11-14T19:08:45.000Z",
        "dateReserved": "2018-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:30:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-40982 (GCVE-0-2022-40982)

    Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:33
    VLAI
    Summary
    Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-1342 - Information exposure through microarchitectural state after transient execution
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:28:42.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://xenbits.xen.org/xsa/advisory-435.html"
              },
              {
                "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://downfall.page"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/solutions/7027704"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://xenbits.xen.org/xsa/advisory-435.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5474"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5475"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40982",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-31T20:33:43.011314Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-31T20:43:52.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-1342",
                  "description": "Information exposure through microarchitectural state after transient execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-27T02:06:52.425Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
              "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
            },
            {
              "url": "https://downfall.page"
            },
            {
              "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-007/"
            },
            {
              "url": "https://access.redhat.com/solutions/7027704"
            },
            {
              "url": "https://xenbits.xen.org/xsa/advisory-435.html"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20230811-0001/"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5474"
            },
            {
              "url": "https://www.debian.org/security/2023/dsa-5475"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/"
            },
            {
              "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-40982",
        "datePublished": "2023-08-11T02:37:05.423Z",
        "dateReserved": "2022-09-27T00:28:29.203Z",
        "dateUpdated": "2025-02-13T16:33:03.126Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-21180 (GCVE-0-2022-21180)

    Vulnerability from cvelistv5 – Published: 2022-06-15 20:04 – Updated: 2025-05-05 16:36
    VLAI
    Summary
    Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
              },
              {
                "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-21180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:35.431351Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-20",
                    "description": "CWE-20 Improper Input Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:36:36.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": " information disclosure ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-24T15:06:35.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
            },
            {
              "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2022-21180",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": " information disclosure "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
                },
                {
                  "name": "[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2022/06/16/1"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20220624-0006/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20220624-0006/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-21180",
        "datePublished": "2022-06-15T20:04:21.000Z",
        "dateReserved": "2021-11-12T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:36:36.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-0005 (GCVE-0-2022-0005)

    Vulnerability from cvelistv5 – Published: 2022-05-12 16:36 – Updated: 2025-05-05 16:43
    VLAI
    Summary
    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors with SGX Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:18:41.492Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "PHYSICAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 2.4,
                  "baseSeverity": "LOW",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-0005",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:20:50.100849Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-319",
                    "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T16:43:56.233Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors with SGX",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-12T16:36:04.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2022-0005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors with SGX",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2022-0005",
        "datePublished": "2022-05-12T16:36:04.000Z",
        "dateReserved": "2021-10-15T00:00:00.000Z",
        "dateUpdated": "2025-05-05T16:43:56.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-14615 (GCVE-0-2019-14615)

    Vulnerability from cvelistv5 – Published: 2020-01-17 17:36 – Updated: 2024-08-05 00:19
    VLAI
    Summary
    Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • information disclosure
    Assigner
    References
    URL Tags
    https://www.intel.com/content/www/us/en/security-… x_refsource_CONFIRM
    https://usn.ubuntu.com/4253-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4254-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4255-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4255-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4253-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4254-2/ vendor-advisoryx_refsource_UBUNTU
    http://packetstormsecurity.com/files/156185/Kerne… x_refsource_MISC
    http://packetstormsecurity.com/files/156455/Kerne… x_refsource_MISC
    https://usn.ubuntu.com/4285-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4287-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4286-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4287-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://usn.ubuntu.com/4284-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/4286-1/ vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://support.apple.com/kb/HT211100 x_refsource_CONFIRM
    http://seclists.org/fulldisclosure/2020/Mar/31 mailing-listx_refsource_FULLDISC
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:19:41.439Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
              },
              {
                "name": "USN-4253-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4253-1/"
              },
              {
                "name": "USN-4254-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4254-1/"
              },
              {
                "name": "USN-4255-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4255-1/"
              },
              {
                "name": "USN-4255-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4255-2/"
              },
              {
                "name": "USN-4253-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4253-2/"
              },
              {
                "name": "USN-4254-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4254-2/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
              },
              {
                "name": "USN-4285-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4285-1/"
              },
              {
                "name": "USN-4287-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4287-1/"
              },
              {
                "name": "USN-4286-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4286-2/"
              },
              {
                "name": "USN-4287-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4287-2/"
              },
              {
                "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
              },
              {
                "name": "USN-4284-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4284-1/"
              },
              {
                "name": "USN-4286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4286-1/"
              },
              {
                "name": "openSUSE-SU-2020:0336",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/kb/HT211100"
              },
              {
                "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-25T07:06:25.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
            },
            {
              "name": "USN-4253-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4253-1/"
            },
            {
              "name": "USN-4254-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4254-1/"
            },
            {
              "name": "USN-4255-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4255-1/"
            },
            {
              "name": "USN-4255-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4255-2/"
            },
            {
              "name": "USN-4253-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4253-2/"
            },
            {
              "name": "USN-4254-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4254-2/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
            },
            {
              "name": "USN-4285-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4285-1/"
            },
            {
              "name": "USN-4287-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4287-1/"
            },
            {
              "name": "USN-4286-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4286-2/"
            },
            {
              "name": "USN-4287-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4287-2/"
            },
            {
              "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
            },
            {
              "name": "USN-4284-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4284-1/"
            },
            {
              "name": "USN-4286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4286-1/"
            },
            {
              "name": "openSUSE-SU-2020:0336",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.apple.com/kb/HT211100"
            },
            {
              "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-14615",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "various"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
                },
                {
                  "name": "USN-4253-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4253-1/"
                },
                {
                  "name": "USN-4254-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4254-1/"
                },
                {
                  "name": "USN-4255-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4255-1/"
                },
                {
                  "name": "USN-4255-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4255-2/"
                },
                {
                  "name": "USN-4253-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4253-2/"
                },
                {
                  "name": "USN-4254-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4254-2/"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
                },
                {
                  "name": "USN-4285-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4285-1/"
                },
                {
                  "name": "USN-4287-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4287-1/"
                },
                {
                  "name": "USN-4286-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4286-2/"
                },
                {
                  "name": "USN-4287-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4287-2/"
                },
                {
                  "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
                },
                {
                  "name": "USN-4284-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4284-1/"
                },
                {
                  "name": "USN-4286-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4286-1/"
                },
                {
                  "name": "openSUSE-SU-2020:0336",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
                },
                {
                  "name": "https://support.apple.com/kb/HT211100",
                  "refsource": "CONFIRM",
                  "url": "https://support.apple.com/kb/HT211100"
                },
                {
                  "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-14615",
        "datePublished": "2020-01-17T17:36:57.000Z",
        "dateReserved": "2019-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-05T00:19:41.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11157 (GCVE-0-2019-11157)

    Vulnerability from cvelistv5 – Published: 2019-12-16 19:12 – Updated: 2024-08-04 22:48
    VLAI
    Summary
    Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) Processors Affected: See References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:48:08.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) Processors",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See References"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-17T22:09:05.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2019-11157",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) Processors",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See References"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191217-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191217-0001/"
                },
                {
                  "name": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K10321239?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2019-11157",
        "datePublished": "2019-12-16T19:12:29.000Z",
        "dateReserved": "2019-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:48:08.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12207 (GCVE-0-2018-12207)

    Vulnerability from cvelistv5 – Published: 2019-11-14 19:08 – Updated: 2024-08-05 08:30
    VLAI
    Summary
    Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL Tags
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://access.redhat.com/errata/RHSA-2019:3916 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2019:3941 vendor-advisoryx_refsource_REDHAT
    https://usn.ubuntu.com/4186-2/ vendor-advisoryx_refsource_UBUNTU
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://access.redhat.com/errata/RHSA-2020:0026 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2020:0028 vendor-advisoryx_refsource_REDHAT
    https://www.debian.org/security/2020/dsa-4602 vendor-advisoryx_refsource_DEBIAN
    https://seclists.org/bugtraq/2020/Jan/21 mailing-listx_refsource_BUGTRAQ
    https://access.redhat.com/errata/RHSA-2020:0204 vendor-advisoryx_refsource_REDHAT
    https://security.gentoo.org/glsa/202003-56 vendor-advisoryx_refsource_GENTOO
    https://www.oracle.com/security-alerts/cpujul2020.html x_refsource_MISC
    https://www.intel.com/content/www/us/en/security-… x_refsource_MISC
    https://support.f5.com/csp/article/K17269881?utm_… x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    n/a 2019.2 IPU – Intel(R) Processor Machine Check Error Affected: See provided reference
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:30:58.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2019-376ec5c107",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
              },
              {
                "name": "RHSA-2019:3916",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3916"
              },
              {
                "name": "RHSA-2019:3936",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3936"
              },
              {
                "name": "RHSA-2019:3941",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2019:3941"
              },
              {
                "name": "USN-4186-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-2/"
              },
              {
                "name": "FEDORA-2019-cbb732f760",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
              },
              {
                "name": "openSUSE-SU-2019:2710",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
              },
              {
                "name": "RHSA-2020:0026",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0026"
              },
              {
                "name": "RHSA-2020:0028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0028"
              },
              {
                "name": "DSA-4602",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4602"
              },
              {
                "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2020/Jan/21"
              },
              {
                "name": "RHSA-2020:0204",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2020:0204"
              },
              {
                "name": "GLSA-202003-56",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202003-56"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See provided reference"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-15T02:22:57.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "FEDORA-2019-376ec5c107",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
            },
            {
              "name": "RHSA-2019:3916",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3916"
            },
            {
              "name": "RHSA-2019:3936",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3936"
            },
            {
              "name": "RHSA-2019:3941",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3941"
            },
            {
              "name": "USN-4186-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-2/"
            },
            {
              "name": "FEDORA-2019-cbb732f760",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
            },
            {
              "name": "openSUSE-SU-2019:2710",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
            },
            {
              "name": "RHSA-2020:0026",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0026"
            },
            {
              "name": "RHSA-2020:0028",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0028"
            },
            {
              "name": "DSA-4602",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4602"
            },
            {
              "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2020/Jan/21"
            },
            {
              "name": "RHSA-2020:0204",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2020:0204"
            },
            {
              "name": "GLSA-202003-56",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202003-56"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2018-12207",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "2019.2 IPU \u2013 Intel(R) Processor Machine Check Error",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See provided reference"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2019-376ec5c107",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/"
                },
                {
                  "name": "RHSA-2019:3916",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3916"
                },
                {
                  "name": "RHSA-2019:3936",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3936"
                },
                {
                  "name": "RHSA-2019:3941",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2019:3941"
                },
                {
                  "name": "USN-4186-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-2/"
                },
                {
                  "name": "FEDORA-2019-cbb732f760",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/"
                },
                {
                  "name": "openSUSE-SU-2019:2710",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html"
                },
                {
                  "name": "RHSA-2020:0026",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0026"
                },
                {
                  "name": "RHSA-2020:0028",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0028"
                },
                {
                  "name": "DSA-4602",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4602"
                },
                {
                  "name": "20200114 [SECURITY] [DSA 4602-1] xen security update",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2020/Jan/21"
                },
                {
                  "name": "RHSA-2020:0204",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2020:0204"
                },
                {
                  "name": "GLSA-202003-56",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202003-56"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
                },
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html"
                },
                {
                  "name": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K17269881?utm_source=f5support\u0026amp;utm_medium=RSS"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2018-12207",
        "datePublished": "2019-11-14T19:08:45.000Z",
        "dateReserved": "2018-06-11T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:30:58.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }