CVE-2022-41804

HIGH

Intel(R) SGX/TDX - Privilege Escalation

Title source: llm

Description

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

References (6)

Core 6

Core References

Vendor Advisory

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/

Mailing List

https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html

Third Party Advisory

https://www.debian.org/security/2023/dsa-5474

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230915-0003/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/

Scores

CVSS v3 7.2

EPSS 0.0002

EPSS Percentile 4.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1334

Status published

Products (50)

debian/debian_linux 11.0

debian/debian_linux 12.0

fedoraproject/fedora 38

intel/xeon_bronze_3408u_firmware

intel/xeon_d-1513n_firmware

intel/xeon_d-1518_firmware

intel/xeon_d-1520_firmware

intel/xeon_d-1521_firmware

intel/xeon_d-1523n_firmware

intel/xeon_d-1527_firmware

... and 40 more

Published Aug 11, 2023

Tracked Since Feb 18, 2026