WID-SEC-W-2022-0303
Vulnerability from csaf_certbund - Published: 2022-06-14 22:00 - Updated: 2023-06-01 22:00Summary
Intel Prozessor: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Prozessor ist das zentrale Rechenwerk eines Computers.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen im Intel Prozessor ausnutzen, um Informationen offenzulegen und einen Denial of Service Zustand herzustellen.
Betroffene Betriebssysteme: - BIOS/Firmware
- Sonstiges
Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollständigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen Füllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer 7.0
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Red Hat OpenShift
Red Hat
|
cpe:/a:redhat:openshift:-
|
— | |
|
VMware ESXi 7.0
VMware / ESXi
|
cpe:/o:vmware:esxi:7.0
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Intel Prozessor
Intel
|
cpe:/h:intel:intel_prozessor:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
VMware ESXi 6.7
VMware / ESXi
|
cpe:/o:vmware:esxi:6.7
|
— | |
|
VMware Cloud Foundation 4.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:4.x
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
VMware Cloud Foundation 3.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:3.x
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
— | |
|
VMware ESXi 6.5
VMware / ESXi
|
cpe:/o:vmware:esxi:6.5
|
— | |
|
IBM DataPower Gateway 10.5.0
IBM
|
cpe:/a:ibm:datapower_gateway:10.5.0
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— |
Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollständigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen Füllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer 7.0
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Red Hat OpenShift
Red Hat
|
cpe:/a:redhat:openshift:-
|
— | |
|
VMware ESXi 7.0
VMware / ESXi
|
cpe:/o:vmware:esxi:7.0
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Intel Prozessor
Intel
|
cpe:/h:intel:intel_prozessor:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
VMware ESXi 6.7
VMware / ESXi
|
cpe:/o:vmware:esxi:6.7
|
— | |
|
VMware Cloud Foundation 4.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:4.x
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
VMware Cloud Foundation 3.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:3.x
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
— | |
|
VMware ESXi 6.5
VMware / ESXi
|
cpe:/o:vmware:esxi:6.5
|
— | |
|
IBM DataPower Gateway 10.5.0
IBM
|
cpe:/a:ibm:datapower_gateway:10.5.0
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— |
Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollständigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen Füllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer 7.0
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Red Hat OpenShift
Red Hat
|
cpe:/a:redhat:openshift:-
|
— | |
|
VMware ESXi 7.0
VMware / ESXi
|
cpe:/o:vmware:esxi:7.0
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Intel Prozessor
Intel
|
cpe:/h:intel:intel_prozessor:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
VMware ESXi 6.7
VMware / ESXi
|
cpe:/o:vmware:esxi:6.7
|
— | |
|
VMware Cloud Foundation 4.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:4.x
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
VMware Cloud Foundation 3.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:3.x
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
— | |
|
VMware ESXi 6.5
VMware / ESXi
|
cpe:/o:vmware:esxi:6.5
|
— | |
|
IBM DataPower Gateway 10.5.0
IBM
|
cpe:/a:ibm:datapower_gateway:10.5.0
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— |
Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollständigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen Füllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer 7.0
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Red Hat OpenShift
Red Hat
|
cpe:/a:redhat:openshift:-
|
— | |
|
VMware ESXi 7.0
VMware / ESXi
|
cpe:/o:vmware:esxi:7.0
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Intel Prozessor
Intel
|
cpe:/h:intel:intel_prozessor:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
VMware ESXi 6.7
VMware / ESXi
|
cpe:/o:vmware:esxi:6.7
|
— | |
|
VMware Cloud Foundation 4.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:4.x
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
VMware Cloud Foundation 3.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:3.x
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
— | |
|
VMware ESXi 6.5
VMware / ESXi
|
cpe:/o:vmware:esxi:6.5
|
— | |
|
IBM DataPower Gateway 10.5.0
IBM
|
cpe:/a:ibm:datapower_gateway:10.5.0
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— |
Es existiert eine Schwachstelle im Intel Prozessor. Der Fehler ist auf eine unsachgemäße Eingabevalidierung zurückzuführen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer 7.0
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Red Hat OpenShift
Red Hat
|
cpe:/a:redhat:openshift:-
|
— | |
|
VMware ESXi 7.0
VMware / ESXi
|
cpe:/o:vmware:esxi:7.0
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Intel Prozessor
Intel
|
cpe:/h:intel:intel_prozessor:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
VMware ESXi 6.7
VMware / ESXi
|
cpe:/o:vmware:esxi:6.7
|
— | |
|
VMware Cloud Foundation 4.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:4.x
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
VMware Cloud Foundation 3.x
VMware / Cloud Foundation
|
cpe:/a:vmware:cloud_foundation:3.x
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
— | |
|
VMware ESXi 6.5
VMware / ESXi
|
cpe:/o:vmware:esxi:6.5
|
— | |
|
IBM DataPower Gateway 10.5.0
IBM
|
cpe:/a:ibm:datapower_gateway:10.5.0
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— |
References
59 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Prozessor ist das zentrale Rechenwerk eines Computers.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Intel Prozessor ausnutzen, um Informationen offenzulegen und einen Denial of Service Zustand herzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0303 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0303.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0303 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0303"
},
{
"category": "external",
"summary": "F5 Security Advisory K08152433 vom 2023-06-02",
"url": "https://my.f5.com/manage/s/article/K08152433"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2116-1 vom 2022-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011311.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory",
"url": "https://support.lenovo.com/us/en/product_security/LEN-84094"
},
{
"category": "external",
"summary": "Lenovo Security Advisory",
"url": "https://support.lenovo.com/us/en/product_security/LEN-77468"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5486-1 vom 2022-06-20",
"url": "https://ubuntu.com/security/notices/USN-5486-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2111-1 vom 2022-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011310.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9483 vom 2022-06-15",
"url": "http://linux.oracle.com/errata/ELSA-2022-9483.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9486 vom 2022-06-15",
"url": "http://linux.oracle.com/errata/ELSA-2022-9486.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9485 vom 2022-06-15",
"url": "http://linux.oracle.com/errata/ELSA-2022-9485.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5485-1 vom 2022-06-17",
"url": "https://ubuntu.com/security/notices/USN-5485-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2104-1 vom 2022-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011302.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5484-1 vom 2022-06-17",
"url": "https://ubuntu.com/security/notices/USN-5484-1"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF03796 vom 2022-06-16",
"url": "https://support.hp.com/us-en/document/ish_6396323-6396360-16/HPSBHF03796"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2103-1 vom 2022-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011299.html"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN HPESBHF04320 rev.1 vom 2022-06-14",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbhf04320en_us\u0026hprpt_id=ALERT_HPE_3026093\u0026jumpid=em_pom8nu6hj_aid-520066529"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9481 vom 2022-06-15",
"url": "http://linux.oracle.com/errata/ELSA-2022-9481.html"
},
{
"category": "external",
"summary": "Intel Security Advisory vom 2022-06-14",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html"
},
{
"category": "external",
"summary": "Intel Security Advisory vom 2022-06-14",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html"
},
{
"category": "external",
"summary": "VMware Security Advisory",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0016.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9507 vom 2022-06-23",
"url": "https://linux.oracle.com/errata/ELSA-2022-9507.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9508 vom 2022-06-23",
"url": "https://linux.oracle.com/errata/ELSA-2022-9508.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2177-1 vom 2022-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011353.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9534 vom 2022-07-01",
"url": "https://linux.oracle.com/errata/ELSA-2022-9534.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9533 vom 2022-07-01",
"url": "https://linux.oracle.com/errata/ELSA-2022-9533.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3065 vom 2022-07-01",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5485-2 vom 2022-07-01",
"url": "https://ubuntu.com/security/notices/USN-5485-2"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5173 vom 2022-07-03",
"url": "https://lists.debian.org/debian-security-announce/2022/msg00141.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5178 vom 2022-07-06",
"url": "https://lists.debian.org/debian-security-announce/2022/msg00146.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5505-1 vom 2022-07-07",
"url": "https://ubuntu.com/security/notices/USN-5505-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1606 vom 2022-07-07",
"url": "https://alas.aws.amazon.com/ALAS-2022-1606.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5513-1 vom 2022-07-13",
"url": "https://ubuntu.com/security/notices/USN-5513-1"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN hpesbhf04320en_us vom 2022-07-11",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbhf04320en_us"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5529-1 vom 2022-07-21",
"url": "https://ubuntu.com/security/notices/USN-5529-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5535-1 vom 2022-07-28",
"url": "https://ubuntu.com/security/notices/USN-5535-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2615-1 vom 2022-08-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9670 vom 2022-08-04",
"url": "http://linux.oracle.com/errata/ELSA-2022-9670.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2022-0020 vom 2022-08-10",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2022-August/001056.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-5937 vom 2022-08-11",
"url": "http://linux.oracle.com/errata/ELSA-2022-5937.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6437 vom 2022-09-13",
"url": "https://access.redhat.com/errata/RHSA-2022:6437"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6460 vom 2022-09-13",
"url": "https://access.redhat.com/errata/RHSA-2022:6460"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6460 vom 2022-09-15",
"url": "http://linux.oracle.com/errata/ELSA-2022-6460.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6537 vom 2022-09-20",
"url": "https://access.redhat.com/errata/RHSA-2022:6537"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6872 vom 2022-10-11",
"url": "https://access.redhat.com/errata/RHSA-2022:6872"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6991 vom 2022-10-18",
"url": "https://access.redhat.com/errata/RHSA-2022:6991"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6983 vom 2022-10-18",
"url": "https://access.redhat.com/errata/RHSA-2022:6983"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7279 vom 2022-11-01",
"url": "https://access.redhat.com/errata/RHSA-2022:7279"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7280 vom 2022-11-01",
"url": "https://access.redhat.com/errata/RHSA-2022:7280"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7216 vom 2022-11-03",
"url": "https://access.redhat.com/errata/RHSA-2022:7216"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-185 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-185.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8267 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8267"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7933 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7933"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9999 vom 2022-11-16",
"url": "http://linux.oracle.com/errata/ELSA-2022-9999.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8973 vom 2022-12-13",
"url": "https://access.redhat.com/errata/RHSA-2022:8973"
},
{
"category": "external",
"summary": "Red Hat Bug-Tracker 2090226 vom 2022-12-13",
"url": "https://access.redhat.com/errata/RHSA-2022:8974"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6848585 vom 2022-12-22",
"url": "https://www.ibm.com/support/pages/node/6848585"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6955057 vom 2023-02-13",
"url": "https://www.ibm.com/support/pages/node/6955057"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0416-1 vom 2023-02-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013765.html"
}
],
"source_lang": "en-US",
"title": "Intel Prozessor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-01T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:27:57.468+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0303",
"initial_release_date": "2022-06-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-06-16T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux, Ubuntu, SUSE, HP und Fedora aufgenommen"
},
{
"date": "2022-06-19T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2022-06-20T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-06-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-06-26T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux, Debian und Ubuntu aufgenommen"
},
{
"date": "2022-07-06T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-07-13T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu und HP aufgenommen"
},
{
"date": "2022-07-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-07-28T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-08-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-08-04T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-08-10T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2022-08-11T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-09-13T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-11T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-18T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-01T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-03T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-06T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-16T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-13T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-21T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-02-13T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-02-15T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-06-01T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von F5 aufgenommen"
}
],
"status": "final",
"version": "31"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T023191",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE ProLiant",
"product": {
"name": "HPE ProLiant",
"product_id": "T009310",
"product_identification_helper": {
"cpe": "cpe:/h:hp:proliant:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM DataPower Gateway 10.5.0",
"product": {
"name": "IBM DataPower Gateway 10.5.0",
"product_id": "T025693",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM 7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_name",
"name": "IBM QRadar SIEM 7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Intel Prozessor",
"product": {
"name": "Intel Prozessor",
"product_id": "T011586",
"product_identification_helper": {
"cpe": "cpe:/h:intel:intel_prozessor:-"
}
}
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer 7.0",
"product": {
"name": "Lenovo Computer 7.0",
"product_id": "T006520",
"product_identification_helper": {
"cpe": "cpe:/o:lenovo:lenovo_computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "VMware Cloud Foundation 4.x",
"product": {
"name": "VMware Cloud Foundation 4.x",
"product_id": "T017893",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:cloud_foundation:4.x"
}
}
},
{
"category": "product_name",
"name": "VMware Cloud Foundation 3.x",
"product": {
"name": "VMware Cloud Foundation 3.x",
"product_id": "T018738",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:cloud_foundation:3.x"
}
}
}
],
"category": "product_name",
"name": "Cloud Foundation"
},
{
"branches": [
{
"category": "product_name",
"name": "VMware ESXi 6.5",
"product": {
"name": "VMware ESXi 6.5",
"product_id": "T010749",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:6.5"
}
}
},
{
"category": "product_name",
"name": "VMware ESXi 6.7",
"product": {
"name": "VMware ESXi 6.7",
"product_id": "T012450",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:6.7"
}
}
},
{
"category": "product_name",
"name": "VMware ESXi 7.0",
"product": {
"name": "VMware ESXi 7.0",
"product_id": "T016618",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:7.0"
}
}
}
],
"category": "product_name",
"name": "ESXi"
}
],
"category": "vendor",
"name": "VMware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21123",
"notes": [
{
"category": "description",
"text": "Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollst\u00e4ndigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen F\u00fcllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006520",
"T023191",
"T008027",
"T016618",
"67646",
"T011586",
"T004914",
"T012450",
"T017893",
"T022954",
"2951",
"T002207",
"T000126",
"T001663",
"T018738",
"398363",
"T024775",
"T010749",
"T025693",
"T009310"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21123"
},
{
"cve": "CVE-2022-21125",
"notes": [
{
"category": "description",
"text": "Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollst\u00e4ndigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen F\u00fcllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006520",
"T023191",
"T008027",
"T016618",
"67646",
"T011586",
"T004914",
"T012450",
"T017893",
"T022954",
"2951",
"T002207",
"T000126",
"T001663",
"T018738",
"398363",
"T024775",
"T010749",
"T025693",
"T009310"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21125"
},
{
"cve": "CVE-2022-21127",
"notes": [
{
"category": "description",
"text": "Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollst\u00e4ndigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen F\u00fcllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006520",
"T023191",
"T008027",
"T016618",
"67646",
"T011586",
"T004914",
"T012450",
"T017893",
"T022954",
"2951",
"T002207",
"T000126",
"T001663",
"T018738",
"398363",
"T024775",
"T010749",
"T025693",
"T009310"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21127"
},
{
"cve": "CVE-2022-21166",
"notes": [
{
"category": "description",
"text": "Im Intel Prozessor existieren mehrere Schwachstellen. Die Fehler bestehen aufgrund einer unvollst\u00e4ndigen Bereinigung von gemeinsam genutzten Multi-Core-Puffern, mikroarchitektonischen F\u00fcllpuffern, speziellen Register-Leseoperationen und speziellen Register-Schreiboperationen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006520",
"T023191",
"T008027",
"T016618",
"67646",
"T011586",
"T004914",
"T012450",
"T017893",
"T022954",
"2951",
"T002207",
"T000126",
"T001663",
"T018738",
"398363",
"T024775",
"T010749",
"T025693",
"T009310"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21166"
},
{
"cve": "CVE-2022-21180",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle im Intel Prozessor. Der Fehler ist auf eine unsachgem\u00e4\u00dfe Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"T006520",
"T023191",
"T008027",
"T016618",
"67646",
"T011586",
"T004914",
"T012450",
"T017893",
"T022954",
"2951",
"T002207",
"T000126",
"T001663",
"T018738",
"398363",
"T024775",
"T010749",
"T025693",
"T009310"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21180"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…