CVE-2022-21123

CVE Details

Release Date:

2022-06-15

Description

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

See more information about CVE-2022-21123 from MITRE CVE dictionary and NIST NVD

CVSS v3.0 metrics

NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.

Base Score:	5.5	Base Metrics:	AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Access Vector:	Local network	Attack Complexity:	Low
Privileges Required:	Low	User Interaction:	None
Scope:	Unchanged	Confidentiality Impact:	High
Integrity Impact:	None	Availability Impact:	None

Errata information

Platform	Errata	Release Date
Oracle Linux version 6 (microcode_ctl)	ELSA-2022-9670	2022-08-01
Oracle Linux version 7 (kernel)	ELSA-2022-5937	2022-08-11
Oracle Linux version 7 (kernel-uek)	ELSA-2022-9481	2022-06-14
Oracle Linux version 7 (kernel-uek)	ELSA-2022-9483	2022-06-14
Oracle Linux version 7 (kernel-uek-container)	ELSA-2022-9482	2022-06-15
Oracle Linux version 7 (kernel-uek-container)	ELSA-2022-9486	2022-06-14
Oracle Linux version 7 (microcode_ctl)	ELSA-2022-9485	2022-06-15
Oracle Linux version 7 (microcode_ctl)	ELSA-2022-9507	2022-06-23
Oracle Linux version 8 (kernel)	ELSA-2022-6460	2022-09-14
Oracle Linux version 8 (kernel-uek)	ELSA-2022-9481	2022-06-14
Oracle Linux version 8 (kernel-uek-container)	ELSA-2022-9486	2022-06-14
Oracle Linux version 8 (microcode_ctl)	ELSA-2022-9484	2022-06-14
Oracle Linux version 8 (microcode_ctl)	ELSA-2022-9508	2022-06-23
Oracle Linux version 9 (kernel)	ELSA-2022-8267	2022-11-22
Oracle VM version 3 (microcode_ctl)	OVMSA-2022-0020	2022-08-03
Oracle VM version 3 (xen)	OVMSA-2022-0023	2022-08-30

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team