CVE-2023-22655

Published: Mar 14, 2024Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N

Exploitability: 0.8 / Impact: 4.7

Source: secure@intel.com (Secondary)

Description

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Related CWEs

CWE-693

Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References (6)

https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html

Source: secure@intel.com

https://security.netapp.com/advisory/ntap-20240405-0006/

Source: secure@intel.com

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html

Source: secure@intel.com

https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20240405-0006/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.